security specialist in Brisbane CBD


job details

posted
location: brisbane cbd, queensland
job category: Information Technology
job type: contract
reference number: 90M0331410_1515393463
contact: taryn botes, randstad

job description

The Security Operations Specialist reports to the Manager, Operational Security, Security & Identity Management, Enterprise Technology Services, Information Security Operations Specialist and Technologies Branch, Corporate Services Division.

This role aligns to the Cyber Security Services Team, within Cyber Security Services. Cyber Security Services is responsible for the day-to-day security and controls management and monitoring of ICT operations across all DET Corporate and School facilities, including specialist facilities.

The primary function of the Security Operations Specialist role is to ensure that the Department is focussed on day-to-day security operations. You will undertake activities such as cyber security threat and vulnerability identification and mitigation, addressing security incidents for the Department's Corporate and Schools environments, security patch management, and configuration, maintenance and administration, applying industry-standard techniques to resolve cyber security issues and contribute to productivity improvements within the department.

As the Security Operations Specialist, you will:

  • Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations; provides authoritative advice and guidance on security, and recommends appropriate control improvements. Interprets security policy and contributes to development of standards and guidelines that comply with this. Performs risk assessments, business impact analysis and accreditation for all major information systems within the organisation. Ensures proportionate response to vulnerability information, including appropriate use of forensics.
  • Assists in drafting and maintaining the policy standards, procedures and documentation for cyber security. Monitors the application of, and compliance with, security operations procedures and reviews information systems for actual or potential breaches in security. Ensures that all identified breaches in security are promptly and thoroughly investigated. Ensures that security records are accurate and complete.
  • Compile the findings of the operation and activities, including the scripts, frameworks, tools, and methods leveraged to facilitate the execution of the operations, including severity of findings and identify potential remediation or mitigation strategies.
  • Work in a highly technical environment and have the willingness to research emerging technologies and exploitation methods relevant to the department, upskilling where necessary.
  • Create extensive documentation and be able to present your findings to the rest of the team including training and education for technical staff on advanced exploits, tools, frameworks and techniques.

You will do this while supporting the Cyber Security Service functions of Security Architecture, Patch and Vulnerability Management and Security Operations.

Cyber Security Services provide and maintain an effective delivery of ICT services for all customers and business partners through the application of well-defined operational processes, while supporting the development of innovative, scalable and sustainable solutions.

Determining your suitability for the Role:

To determine your suitability for the role, you will be assessed on the following key capabilities that link to the “evaluation criteria” for this role.

  • Knowledge of exploitation or enumeration techniques currently utilised on contemporary technologies, ranging from but not limited to:
    • Injection
    • Privilege escalation
    • Buffer overflows
    • Fuzzing
    • Scanning, etc.
  • Experience with writing and demonstrating proof of concept work from a cyber security perspective
  • Able to assist in creating and employing modules and tailored payloads for common testing frameworks or tools
  • Understanding of cryptography, its role in the enterprise, and its strengths as well as weaknesses
  • Knowledge of tactics, techniques, and procedures that could be used for recon, persistence, lateral movement, and exfiltration
  • Broad experience with reverse engineering, malware analysis, and/or forensic tools
  • Solid understanding of networking topologies, protocol usage, and enterprise hardware including switches, routers, firewalls, and their roles in security
  • Knowledge of access and security control methodologies:
    • network / host intrusion detection,
    • vulnerability management tools,
    • patch management tools,
    • penetration testing tools, and
    • Anti-Virus solutions
  • Knowledge of and ability to apply security focused standards:
    • ITIL awareness and methodologies
    • IS18
    • ISO27000 series
    • OWASP Top 10

Favourable skills or accreditation:

  • Experience in any of the following tools or frameworks:
    • Metasploit
    • Malware analysis
    • Exploit kits
    • Cyber Threat intelligence
    • Software vulnerabilities and exploitation
    • Data analysis
  • Relevant Technical Security Certifications (GIAC, EC-Council, Offensive Security, CISSP, etc.)
  • Knowledge of Linux/UNIX & Windows based operating systems
  • Demonstrated knowledge of the Splunk search language, search techniques, alerts, dashboards and report building.
  • Experience with Snort, Bro or other network intrusion detection tools
  • Detailed understanding of the TCP/IP networking stack & network technologies
  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)
  • Nominal understanding of regular expressions and at least one common scripting language (Perl, Python, PowerShell).
  • Strong collaborative skills and proven ability to work in a diverse team of security professionals
  • Ability to obtain a strong understanding of the technical details involved in current advanced persistent threats and exploits involving various operating systems, applications and networking protocols.



skills

Metasploit / Malware analysis / Exploit Kits / Cyber Threat Intelligence

qualification

Relevant Degree