RFQ closing date Tuesday, 12 November 2024 DepartmentFederal Governemnt Requirement The Senior Cyber Threat Detection Analyst will be required to perform a leadership role while exercising a considerable degree of technical skill and independence to pertaining to the monitoring and response function of Sdepartment's Cyber Security. The primary focus of the Senior Cyber Threat Detection Analyst is to lead a multi-disciplinary team to develop and implement detection methods to identify, monitor, respond, protect against malicious cyber events targeting department and shared service agency networks in the cloud environment. This role requires in-depth knowledge of cyber security fundamentals to accurately determine impact, relevance of emerging and existing threats to operating cloud environments. The Senior Cyber Threat Detection Analyst will draw upon their experience and knowledge of detection methodologies and technologies, attack vectors, vulnerability management principles, network security, security engineering principles, information systems control design, and control monitoring. Primary Technologies Cloud monitoring technology Microsoft Sentinel, Microsoft Key duties may include, but are not limited to: Various work under the Cyber Security Uplift Project (CSUP). Threat Detection development is inclusive of reviewing and approving detection use cases, response playbook development and implementation of detection use Provide technical or strategic advice on complex issues related to detection Coordinate the accurate and appropriate referral and subsequent tuning of detection use cases. Review and contribute to process documentation including providing input into the development of processes and ensuring documentation aligns with outcomes and goals of the process. Provide timely, relevant and accurate information to the Director Cyber Threat Detection where business impacts of events and decisions are sensitive, including but not limited to: Wide ranging Events affecting senior executives or other agencies. Confidentiality, integrity and availability are impacted. Provide technical guidance, leadership, and support to Cyber Security Operations staff while overseeing Cyber Threat Detection roles. Prioritise tasking and duties in accordance with direction from Cyber Security Division teams considering risk, urgency and impact using independent judgement. Provide expert advice and assistance to team members performing technical work FAQs Estimated start date Wednesday, 01 January 2025 Initial contract duration Up to 12 months. Location of work ACT Working arrangements Candidates must work from department's Canberra office a minimum of 3 days per week. Security clearance Must have Negative Vetting Level 1 Candidate Selection Criteria Mandatory Criteria Proficiency in managing SIEM platforms Microsoft Sentinel & Knowledge of network architecture concepts including topology, protocols, components, and principles. Weighted Criteria Experience in developing SIEM use cases and/or Experience in SIEM Understanding of the requirements of network security Must possess strong verbal and written communication Understanding of Windows Strong stakeholder engagement Familiarity with the MITRE ATT&CK