Cyber Security Analyst

At Leidos Australia, we operate a 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability, with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere.

We are seeking an experienced Cyber Security Analyst to join our team member to achieve Defence mission outcomes.

This is a permanent role that requires the successful applicant to working on a rotating shift roster (typically 12 hour shifts) onsite at HMAS Harman in Canberra.

This role offers you the opportunity to:

• Develop your technical and cyber security skill sets
• Build and shape security tooling to defend critical national security infrastructure
• Challenge yourself by sinking your teeth into some wicked problem sets
• Help build the team culture that you have always wanted to work in

To be successful in this role you will need:

• Self-starting individual with the right attitude, aptitude and zeal to identify, take ownership of and solve challenging problems
• Interest in continual learning and development of themselves
• Be prepared to rapidly upskill yourself to respond to adversaries
• Strong communication and stakeholder management skills
• A working knowledge of applicable industry and government cyber security frameworks

As a Cyber Security Analyst, working within a 24/7 Security Operations team, you will monitor networks and endpoints for security events, alerts, active threats, intrusions and compromises and perform triage. Depending on the issue you may manage the event end to end, consult with your peers or escalate as appropriate.

This is a great opportunity to build upon your existing technical knowledge and skills and grow your career in a dedicated cyber security role. Your responsibilities will include;

• Analysis of security events from multiple sources including but not limited to events from the Security Information and Event Management tool, network intrusion systems and Host based Intrusion Prevention tools (AV, HIPS, Application Whitelisting);
• Monitor and assess emerging threats and vulnerabilities to the environment and ensure those requiring action are addressed;
• Security Incident Management, advice and education and maintaining the currency and health of the deployed security tools;
• Provide technical administration support for security suite of software and hardware;
• Produce contractual and stakeholder reports and review, document and improve processes to contribute to the overall security of the environment.
• Develop your leadership skills, and within the broader team, to meet mission and contractual outcomes
• Working collaboratively with stakeholders to triage, manage and report on security incidents,
• Build relationships with stakeholders
• Actively develop SOC tactics, techniques and procedures (TTP’s) and security toolsets
• Develop custom signatures to Identify, Detect, Protect, Respond and Recover from adversary’s attacks.
• Undertake Incident Reposponse activities using known adversary TTP’s and Indicators of Compromise (IOC’s) to detect advanced threats.
• Undertake Incident report writing development of security operational documentation

Requirements

About You and What You'll Bring

Coupled with your education and/or practical experience, you will be customer-focused and motivated to learn new technologies and go the extra mile to ensure customer needs are met. In addition you will demonstrate the following knowledge and skills;

• Cyber Security or IT experience performing critical thinking tasks, troubleshooting endpoint or network issues
• Understanding of incident management and response and reviewing threat data from various sources.
• Experience reviewing raw log files, data correlation and analysis would be an advantage i.e. firewall, network, IDS, system logs.
• A demonstrative willingness to learn Cyber and a desire to learn and grow.
• Demonstrated expertise in monitoring SIEM (Splunk or equivelent) apps, rulesets, dashboards and workflows is essential;
• Demonstrated intermediate Windows, Linux and Networking experience highly desired;
• Demonstrated experience in Incident Response experience highly desired;
• Demonstrated experience with Trellix EPO, Tenable and/or Palo Alto platforms, or similar, highly desired;
• Industry ICT Security qualifications such as CompTIA Sec+, CISSP, GIAC, GCIH etc desired, but not essential;
• Demonstrated ability to consistently produce excellent results in a complex environment;
• Current NV1 or NV2 clearance.

Successful candidates will be required to be Australian Citizen and hold and maintain a minimum NV-1 Australian Government Security Clearance, with the expectation of obtaining an NV-2.

Additional information

At Leidos, you’ll enjoy 12 weeks’ paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. Foster your career through complete access to learning and development and mentoring opportunities, we have a strong track record of internal promotion and career transitions.

As a business we are focusing on setting people up for growth and success, so individuals can develop specialist skills and make significant contributions whilst broadening their experience within the cyber security field. If this sounds like you and you have the right attitude coupled with the willingness to challenge yourself and want to be in a team delivering security capability for government – apply today.

We embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islander peoples, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.