- Cyber Security Engineer
Application closing date: Sunday, 14 August 2022 • 11:59pm, Canberra time (in Canberra)
Estimated start date: Monday, 29 August 2022
Location of work: ACT
Length of contract: ASAP to 30 June 2022
Contract extensions: 2x 12 months
Security clearance: Must have Baseline
Rates: $120 - $150 per hour (inc. super)
Australian Government Department of Employment and Workplace Relations are looking to engage a Cyber Security Engineer who will be primarily focused on the following deliverables:
1. Develop and maintain of SIEM alerts and dashboards to aid with threat detection
2. Develop and maintain automatic detection and response capabilities using available SOAR capabilities
3. Utilise available threat intelligence to enrich alerts
4. Develop and maintain team SOPs and playbooks for SIEM management and configuration, including, actioning of alerts, alert exclusions and alert tuning.
5. Assist with the upkeep of the SecOps environment where needed
- Demonstrated experience managing/maintaining logging and SIEM technologies.
- Demonstrated knowledge of cyber security principles and processes in a defensive context
- Demonstrated ability to develop alerting rules and dashboards to assist with threat detection and incident response.
- Ability to learn and understand how the operating environment functions normally and effectively identify anomalies when they occur
- Experience with Azure Sentinel, Kusto Query Language (KQL) and Azure logging mechanisms
- Experience with Microsoft’s suite of security tools, including Azure Security Centre, Microsoft 365, and Microsoft ‘Defender for’ tools (Endpoint, Identity, etc.)
- Experience managing a Windows environment, including patching, Active Directory and Group Policy management
- Experience utilising threat intelligence services and tools such as MISP to enrich data and alerts that originate from SIEM and logging tools such as Syslog-ng