Cyber Security Operations – Analyst / Engineer
- Kingston, ACT, Australia
- Employees can work remotely
- Job Type: Permanent
We’re a large scale systems integration company, committed to delivering trusted solutions that help to safeguard Australia. With over 20 years’ local experience and the backing of a 37,000 global network, we currently number 1,400 employees mainly in Canberra and Melbourne. We’re growing fast and are building a business that is focused and fit for the future. Change and innovation are central to the way we work, and we thrive when developing unique, practical solutions to seriously complex challenges.
Leidos has been engaged by a Federal Government Department to work closely with other top tier partners to provide a leading Cybersecurity capability for critical infrastructure components.
We are tasked with developing and delivering cyber security services to directly support the Department’s mission. We are seeking highly motivated and appropriately experienced staff to help us deliver outstanding results.
These roles will require you to understand the needs of the end user and to be able to provide services in a secure environment. We are seeking candidates from a variety of backgrounds, with appropriate experience in cyber security analysis / engineering.
If these roles match your skills and interest please apply.
The Security Operations Analyst / Engineer role is responsible for monitoring information sources such as the SIEM and other data sources for security anomalies and performing triage and incident investigation, including maintaining cyber security products such as the McAfee security suite of products.
This role is critical to ensure issues are detected and responded to in a timely fashion and is an exciting position for those with experience working in a SOC and with security toolsets.
You will have the following responsibilities:
· Ensuring alerts are reviewed in a timely manner;
· Performing initial assessment and triage as required then either with escalation to the appropriate team in a timely fashion or complete the investigation using available resources;
· Understanding and reviewing regular intelligence briefs to understand any changes to the threat landscape;
· Contributing to the team’s performance metrics;
· Learning on-the-job skills to improve your range of abilities;
· Working with other teams when appropriate to improve knowledge of the customers’ environments and possible threats;
· Identifying any deficiencies in the monitoring systems and suggesting improvements;
· Interacting with other teams to assist them in their tasks and vice versa;
· Performing incident response tasks; and
· Security platform maintenance, tuning and ruleset configuration.
About You and What You'll Bring
Coupled with your education and practical experience, you will demonstrate a ‘can-do’, proactive approach with the ability to understand the business, identify issues and develop relationships to achieve Leidos Australia’s objectives.
You will have the following skills/knowledge:
· Intermediate to advanced skills in SIEM operation as an analyst ideally on Splunk;
· Experience in maintaining, updating and ensuring the endpoint security suite functionality;
· Running queries to follow a chain of events through multiple indexes or other sources;
· Some basic hands-on experience with different security controls such as HIPS, NIPS, endpoint controls, firewalls, proxies and other related technologies;
· Intermediate to advanced understanding of incident response techniques including initial and detailed investigation, computer forensics, chain of custody implications, working within authorised boundaries, malware analysis, etc.;
· Experience with formal incident response including containment, discovery, forensic analysis of source data, writing IR reports, basic malware analysis for Windows and Linux, and monitoring indicators of compromise;
· Some hands-on experience configuring networking devices, common operating systems and common applications, ideally in a professional capacity in a prior infrastructure operational role or similar;
· Tuning of logs or other data sources to ensure appropriate events are captured;
· Hands-on operational experience with cyber tools such as firewalls, endpoint security, proxies, anti-spam solutions or similar; and
· 2-4 years’ cybersecurity experience, or substantial infrastructure experience with hands-on experience managing security tools.
You will have the following personal attributes:
· Demonstrable strong personal interest in cyber security;
· Knowing when to ask for assistance;
· A keen interest to learn, both in the analyst field and related work areas;
· Willingness to go the extra mile for the customer and ensure their mission objectives are met;
· Basic understanding of how to query people effectively for information to support investigations whilst being sensitive to limitations of what is acceptable;
· Generic infrastructure and networking skills;
· Contributing to policies, processes and procedures;
· Able to work with minimal supervision;
· Willingness to learn the network and identify appropriate sources of logs or other information to be integrated into the monitoring platform; and
· Proactively look for ways to improve the service, either through configuration, process or other changes as required.
Please note, this role will operate as part of an on-call roster and successful candidates will need to be willing to form part of the on-call roster.
Successful candidates will be required to be Australian Citizens and be able to obtain and maintain an Australian Government Security Clearance. NV-1/NV-2 Clearance preferred, but an NV-1-cleared candidate with strong experience and team fit will be considered.
At Leidos, we’ve built our business on the ability to Redefine Possible and the same applies to your career. We proudly embrace diversity and support our people at every stage of their Leidos journey in terms of inclusion, accessibility and flexibility. We look forward to welcoming you.