Canberra, ACT, Australia
SIEM Specialist NV2
Job Description:
Australian citizens with NV2 clearance; previous defence experience preferred.
- 5+ years experience designing, implementing and supporting centralized logging and SIEM solutions in large scale, geographically dispersed and security-hardened on-premise environments which operate in low-bandwidth and disconnected states;
- 5+ years experience designing, implementing and supporting Elastic Stack (Elasticsearch, Logstash, Kibana, Beats);
- Experience optimizing centralized logging and SIEM environments, including query optimization, performance tuning and indexing strategies;
- Experience with creating and managing SIEM rules, models and dashboards;
- Experience implementing SSL/TLS, authentication and authorization in Elasticsearch, Splunk or equivalent;
- Possess a good working knowledge of the following frameworks and standards: Australian Information Security Manual (ISM), US National Institute of Standards and Technology (NIST), Information Security Management System (ISO27001);
- Excellent knowledge and experience of the security threat landscape and related security mitigations;
- Ability to take requirements, standards and frameworks and apply in a practical application to future proposed solution designs and systems;
- Strong communication, interpersonal and negotiation skills with demonstrable experience of presentation and engagement with stakeholders, projects and business areas;
- Ability to rapidly build, automate and deliver proof of concept systems to support analysis, testing, accreditation and development activities within a DevSecOps framework;
- Ability to adapt quickly to changing requirements in a fast-paced, highly kinetic environment to meet changing deadlines and deliverables;
- Ability to work under broad direction with a high level of autonomy; and,
- Experience developing highly available/fault tolerant systems, networks and infrastructure in a connected, partially connected, degraded or often disconnected state.
- Experience designing, implementing and supporting automation and orchestrated deployments of Elastic Stack;
- Experience in supporting Red Hat Enterprise Linux;
- Experience with vulnerability management and compliance solutions for enterprise server environments using technologies such as Tenable Nessus,
- Experience and/or knowledge in privileged access management solutions;
- Proficient in scripting languages such as Bash, Python and PowerShell;
- Previous experience in a Technical Architect and/or Senior Operational Support role;