*A permanent ongoing role based in Geelong*
Hybrid working (3 days office/2 days wfh) | Attractive benefits
*Only PR / Citizens may apply*
Your new role In this role you will:
Directly contribute to maintaining the cyber security posture of the department's environment through proactive monitoring, reactive incident support and documentation of security incidents and events.Analyse security incidents to identify root causes, ensuring continuous improvement opportunities are identified and actioned.Maintain and monitor internal cyber security platforms, firewalls and other SIEM systems currently in use within the network.Raise and take action on internal tickets to document incidents, moves, adds and changes, actioning and owning outcomes when appropriate.Collaborate with both internal IT Teams and external SOC to ensure incidents and investigations are managed end to end.Generate regular reports for consumption by senior stakeholders such as the Security Operations Manager, Information Security Manager, and working groups.Contribute to cyber security uplift projects, acting as SME when appropriate.Involvement in external and internal security assessments, acting on identified vulnerabilities and risks to control and minimise the risk of security breaches.Proactively identify emerging threats through government advisories and external research.Attend and contribute to CAB when required.Liaise with PMO resources where applicable to ensure smooth and efficient project delivery.Participate in an on-call roster when required.Coordinate between internal support and vendors when updates and patching to sec-ops tooling is required to ensure minimal downtime.Contribute to the creation and maintenance of incident playbooks and internal procedures.Undertake other tasks as requested by the Security Operations and Network Manager.What you need to succeed Demonstrated experience working with SIEM systems in a corporate or campus-based environment (3+ years).Experience identifying, drilling down and troubleshooting potential cyber security incidents.Understanding of endpoint and network security technologies.Tracking of network threats using available tools.Ensure new threats are ingested into platforms and tooling.Ensure endpoint protection software is maintained on all servers and workstations.Desirable skills Vendor qualifications and certifications in IT.Networking knowledge.Email and Layer 7 filtering knowledge.Server management experience – both physical asset management and server operating systems.Storage systems experience and knowledge.Virtualisation knowledge and experience (VSPHERE).What you need to do now If you're interested in this role or know of someone that may be, please click 'Apply Now' or forward an updated CV to ..... full job details .....