About the company
Our client is a large government agency that is currently undergoing a complex digital transformation. As part of this program, there is a multi-year cybersecurity uplift initiative in place to enhance cyber awareness across the country.
About the role
The role holder will bring a mature approach to their work with extensive technical knowledge and hands-on experience in Security Operations. This is a unique opportunity to join an established national security operations team. You will work closely with key stakeholders at all levels to develop what you see as a great 24/7 operational cyber defence capability. But don't worry, you will not be required to work on the weekends or after hours!
Day to day
- Using security information and event management (SIEM) platform to monitor organisations’s network and endpoints for security alerts and investigate incidents.
- Provide second / third tier responder analysis and investigation of incidents and security alerts from the SIEM platform or where escalated by team members.
- Drive containment strategy during incident, data loss or breach events.
- Use of applications and systems, such as firewalls, IDS, NAC and data encryption programs, to protect sensitive information and carry out further investigations.
What do you need?
- Understand and articulate emerging threats and incidents to different audiences within the organisation, including technical, operations management, senior management and executives.
- Research the latest information security trends and incorporate the knowledge to build strong understanding of possible impact to organisation’s environment.
- Create reports relevant to function such as end of day summaries, handover report, management intelligence, threat and risk analysis.
- Liaise with third parties and vendor when required to troubleshoot SIEM platform
Due to nature of this position, we're only able to accept applications from candidates who have existing working rights to work in NZ and based in either Wellington, Christchurch or Auckland locations.
- Ideally you will have proven 5 years experience as a Security analyst
- Experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA, OWASP Top 10,MITRE or others
- Proficient skills working with both Microsoft Sentinel and Defender
- Experience of security incident management and an understanding of best practice frameworks
- Technical knowledge and practical experience in any associated area e.g., networks, malware analysis, digital forensics etc.
- Familiarity with tools commonly used in the IT security arena, such as Tenable, Nessus, NMAP, Kali Linux, Elastic, or similar
- The ability to obtain, and maintain, an appropriate New Zealand Government security clearance