Overview of the role
We are looking for people to help us monitor and investigate security events for Commsec’s customers. You will use our tools and processes to respond to alerts and also proactively look for threats on customer environments through threat hunting. We rely heavily on automation to do the mundane tasks, so you will be free to work on the interesting parts of the role.
What will you do?
The main focus of the role will be on responding to alerts and threat hunting, but we want our people to be working on things they most enjoy, so over time we will give you the opportunities and training to do the things you want to do. Some of things you will do as part of this role:
- Investigate and resolve security events in line with Commsec’s incident management and response processes
- Accurately report and track incidents using our case management system
- Create and update SOC playbooks and procedures
- Ongoing fine-tuning and configuration of our SIEM
- Contribute to industry threat intelligence feeds by uploading new pieces of threat intelligence retrieved from SIEM & endpoint events
- Develop threat hunting hypothesizes to conduct threat hunting exercises across multiple technologies
- Triage and remove malware and PUA’s from endpoints
- Install endpoint protection and host intrusion detection agents on multiple types of Operating Systems (OS).
You will also need to demonstrate knowledge and experience outside of a learning environment:
- Experience of using a SIEM for investigating alerts
- Network analysis
- Knowledge of deploying security appliances, including but not limited to firewalls, IPS, endpoint protection, SIEM, DLP and HIDS agents.
- Solid understanding of TCP/IP and UDP, IP Addresses and subnetting, LAN/WAN
- Solid understanding of FTP/SSH/SSL/SMTP/POP3/HTTP/HTTPS/VoIP
- Experience with security tools for malware analysis and threat intelligence.
We want someone that will fit in with our team so you would need to have these personal skills:
- Ability to work under pressure
- Strong problem-solving and analytical skills.
- Ability to work as part of a team and independently.
- A passion for technology and security
- An enthusiasm for learning
The things below would be nice too:
- B.Sc. or M.Sc. in Cyber Security/ Computer Science / Information Technology or equivalent Third Level Qualification.
- Security certifications
What will you get?
- A competitive salary
- Pension contribution scheme
- All the coffee and tea in the world
- Hybrid working model
- Relevant training courses to enhance your skills
- The opportunity to work in areas you are interested in
- A relaxed and flexible working environment
- The experience you need to progress in your career
Interested? Please send your CV and brief cover note to [email protected]Apply Now