- Exciting opportunity for an IT Security Officer
- Located in Canberra
- 12-month contract + multiple extension opportunities
- Must hold an NV2 Security Clearance to apply for this role
The Client
Our Client is an Australian government intelligence agency that is responsible for the collection, analysis, and distribution of geospatial intelligence in support of Australia's defence and national interests.
The Role
The Security Operations Officer role will evolve over time in response to new capabilities, the consolidation of a Security Operations Centre (SOC) across multiple platforms and maturation of the organisation's broader IT security framework.
At present, the fundamental objectives of this role include:
- Log monitoring and analysis, primarily in an AWS-hosted cloud context. Additional systems will include:
  - internally hosted platforms up to the SECRET level
  - hybridised platforms that span multiple security domains/infrastructure patterns.
- Provide technical support to Incident Response (IR) activities. Response activities may be led internally or via external authorities.
- Development and implementation of SOC use cases. This includes system-specific use cases but will include dataflow use cases across multiple platforms.
- Identification of security and functional limitations across relevant platforms and input into the resolution of these with other technical and non-technical teams.
- Input to other IT Security capabilities. This requires:
  - A detailed understanding of the platforms they are responsible for to inform Governance Risk and Compliance (GRC)
  - vulnerability management and penetration testing activities.
- Work with delivery and sustainment teams for technical delivery and maintenance of capabilities. This includes:
  - Advocacy of SOC-based requirements
  - Configuration of IT security tools
  - Collaboratively identifying and resolving technical issues.
About You
The ideal candidate will possess:
- Understanding of various COTS technologies such as AWS components, Splunk-based indexing and Security Information and Event Management (SIEM)
- Understanding of containerisation and Docker-based development
- Strong stakeholder engagement and formal reporting skills
- Experience with log monitoring and analysis, primarily in an AWS-hosted cloud context. Additional systems will include:
  - internally hosted platforms
  - hybridised platforms that span multiple security domains and infrastructure patterns.
- Experience providing technical support to Incident Response (IR) activities. Response activities may be led internally or via external authorities.
- Development and implementation of SOC use cases. This includes:
  - system-specific use cases
  - dataflow use cases across multiple platforms.
- Experience identifying security and functional limitations across platforms and input into the resolution of these with other technical and non-technical teams.
- Experience providing input to other IT Security capabilities. This requires:
  - Establishing a detailed understanding of the platforms they are responsible for to inform Governance Risk and Compliance (GRC)
  - vulnerability management and penetration testing activities.
- Experience working with delivery and sustainment teams for technical delivery and maintenance of capabilities. This includes:
  - Advocacy of SOC-based requirements
  - Configuration of IT security tools
  - Collaboratively identifying and resolving technical issues.
You must hold an NV2 Security Clearance to apply for this role
To