About the role
The role holder will bring a mature approach to their work with extensive technical knowledge and hands-on experience in Security Operations. This is a unique opportunity to join an established national security operations team. You will work closely with key stakeholders at all levels to develop what you see as a great 24/7 operational cyber defence capability. But don't worry, you will not be required to work on the weekends or after hours!
Day to day
- Using the security information and event management (SIEM) platform to monitor the organisation's network and endpoints for security alerts and investigate incidents.
- Provide second / third tier responder analysis and investigation of incidents and security alerts from the SIEM platform or where escalated by team members.
- Drive containment strategy during incident, data loss or breach events.
- Use of applications and systems, such as firewalls, IDS, NAC and data encryption programs, to protect sensitive information and carry out further investigations.
- Understand and articulate emerging threats and incidents to different audiences within the organisation, including technical, operations management, senior management and executives.
- Research the latest information security trends and incorporate the knowledge to build strong understanding of possible impact to organisation’s environment.
- Create reports relevant to function such as end of day summaries, handover report, management intelligence, threat and risk analysis.
- Liaise with third parties and vendors when required to troubleshoot the SIEM platform.
What do you need?
- Ideally you will have 5 years' proven experience as a Security Analyst
- Experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA, OWASP Top 10, MITRE or others
- Proficient skills working with both Microsoft Sentinel and Defender
- The ideal person will have hands-on experience with analytic queries, log ingestion and configuration
- Ability to lead incidents and mentor junior team members
- A strong track record around playbooks and developing automation rules
- Experience of security incident management and an understanding of best practice frameworks
- Technical knowledge and practical experience in any associated area e.g., networks, malware analysis, digital forensics etc.
- Familiarity with tools commonly used in the IT security arena, such as Tenable, Nessus, NMAP, Kali Linux, Elastic, or similar
- The ability to obtain, and maintain, an appropriate New Zealand Government security clearance
Due to the nature of this position, we're only able to accept applications from candidates who have existing rights to work in NZ. This is a fully remote position and can be based anywhere in New Zealand. Need more information? Please contact yaman@84recruitment.co.nz