At Leidos Australia, we operate a 24x7x365 Central Processing Cyber Security Operations Centre (CP SOC) capability, with the Department of Defence. CP SOC works collaboratively with the Defence Security Operations Centre (DSOC) to assist in defending one of the largest and most complex ICT networks in the southern hemisphere.
We are seeking an experienced Cyber Security Analyst to join our team member to achieve Defence mission outcomes.
This is a permanent role that requires the successful applicant to working on a rotating shift roster (typically 12 hour shifts) onsite at HMAS Harman in Canberra.
This role offers you the opportunity to:
- Develop your technical and cyber security skill sets
- Build and shape security tooling to defend critical national security infrastructure
- Challenge yourself by sinking your teeth into some wicked problem sets
- Help build the team culture that you have always wanted to work in
To be successful in this role you will need:
- Self-starting individual with the right attitude, aptitude and zeal to identify, take ownership of and solve challenging problems
- Interest in continual learning and development of themselves
- Be prepared to rapidly upskill yourself to respond to adversaries
- Strong communication and stakeholder management skills
- A working knowledge of applicable industry and government cyber security frameworks
As a Cyber Security Analyst, working within a 24/7 Security Operations team, you will monitor networks and endpoints for security events, alerts, active threats, intrusions and compromises and perform triage. Depending on the issue you may manage the event end to end, consult with your peers or escalate as appropriate.
This is a great opportunity to build upon your existing technical knowledge and skills and grow your career in a dedicated cyber security role. Your responsibilities will include;
- Analysis of security events from multiple sources including but not limited to events from the Security Information and Event Management tool, network intrusion systems and Host based Intrusion Prevention tools (AV, HIPS, Application Whitelisting);
- Monitor and assess emerging threats and vulnerabilities to the environment and ensure those requiring action are addressed;
- Security Incident Management, advice and education and maintaining the currency and health of the deployed security tools;
- Provide technical administration support for security suite of software and hardware;
- Produce contractual and stakeholder reports and review, document and improve processes to contribute to the overall security of the environment.
- Develop your leadership skills, and within the broader team, to meet mission and contractual outcomes
- Working collaboratively with stakeholders to triage, manage and report on security incidents,
- Build relationships with stakeholders
- Actively develop SOC tactics, techniques and procedures (TTP’s) and security toolsets
- Develop custom signatures to Identify, Detect, Protect, Respond and Recover from adversary’s attacks.
- Undertake Incident Reposponse activities using known adversary TTP’s and Indicators of Compromise (IOC’s) to detect advanced threats.
- Undertake Incident report writing development of security operational documentation
