The Client & Role: We’re currently working with an Australian utilities organisation, they’re looking to engage a SIEM Specialist in a permanent full-time capacity. As the SIEM Specialist you will be accountable for ensuring their enterprise platforms are being monitored effectively, actively protected against threats & vulnerabilities, and are able to respond and recover from incidents. This includes all aspects of digital technology across the business (including IT and OT) and enterprise business processes. The client operates a hybrid work model with three days per week on-site in their Melbourne office.Responsibilities: Accountable for the performance of the operational services that enable us to successfully protect our organisation and oversee Cyber Defence services providing detect, protect, and response processes and technologies. Accountable and responsible for Security Information & Event Monitoring (SIEM), Threat & Vulnerability Management and Cybersecurity Incident Management & Response and outcomes (e.g. Internal Audit remediation). Uplifting relevant control domains maturity as measured by National Institute of Standards and Technology (NIST) cybersecurity framework for both IT and OT, the Australian Signals Directorate (ASD) Essential 8, and other frameworks as identified. Monitoring the external threat environment and assessing the impact of changes upon the organisation and reflecting those changes in the operational security controls and incident response plans. Responsible for development of the detect and response components of the Cyber Security Strategy for Cyber Defence, including a ‘future state’ and a risk-prioritised implementation plan. Execute delivery of the Service Roadmap for Cyber Defence and process mapping, supported by with other teams and third parties. Required Skills & Specialisms: Tertiary degree in Information Technology, Information Security or equivalent working experience is required. Extensive experience and expertise in Security Operations, including gathering threat intelligence, managing a Security Information and Event Management Service, Incident Management & Response, and vulnerability management. Extensive experience and expertise in technology platform operations and management. Extensive experience and expertise in multiple operational security platforms. Security qualifications, accreditations and current certification in, for example, CISSP, CISM, CISA, ISO27001 LA and/or CRISC. Demonstrated practical experience in one or more of the following: VPDSF, NIST 800-53, ISO 27001, ISO 27002, ISO 31000, and/or PCI DSS. Highly developed Security Operation management skills. Knowledge of MITRE ATTACK framework, NIST standards, and relevant legislation and regulatory authorities. Expertise in Security Information & Event Monitoring (SIEM) and Threat Intelligence. Expertise in enterprise vulnerability management. Expertise in incident management response and reporting. If you’re a SIEM Specialist looking to take the next step in your career, apply now via the link provided, all questions can be directed to Daniel at daniel.clifford@talentinternational.com or +61 3 9236 7742 following formal application.Talent International
#J-18808-Ljbffr