
Digital Forensics
3 days ago
THE COMPANY
This large and well-known organisation employs more than 70,000 staff in 100+ countries around the globe. It is a creative and innovative business that is expanding its Cyber Security capabilities in Australia by establishing a new DFIR function in the region.
WHAT'S ON OFFER
- Join a newly established CSIRT team in Sydney.
- Ongoing training by dedicated cyber trainers.
- Flexible hybrid working options.
- Collaborate with a tenured team of passionate IR and DF professionals.
- Involvement in interesting projects across cloud security & cloud IR, SOAR playbook development, IR framework improvement.
THE ROLE & RESPONSIBILITIES
Newly created Digital Forensics & Incident Response (DFIR) Specialist position to build out capability in the APAC region. The role focuses on incident investigation & response, digital forensics, and uplift/automation. You will work alongside various global teams (SOC, Threat Intelligence, CSIRT, etc.) operating in a follow-the-sun model.
KEY ELEMENTS INCLUDE
- Monitor, detect, and respond to InfoSec threats.
- Lead & support security incident investigations – data breaches, malware infections, insider threats, APTs, etc.
- Triage, contain and remediate cybersecurity incidents and threats.
- Perform root cause analysis and develop IR reports with actionable recommendations.
- Collect, preserve, and analyse evidence from endpoints, networks, and cloud environments.
- Undertake memory forensics, disk forensics, and network packet analysis.
- Identify IOCs and TTPs used by threat actors.
- Work with SIEM, EDR and threat intelligence tools.
- Continuously identify improvements to Incident Management and Incident Response processes.
- Research and investigate new and emerging threats.
- Integrate information from disparate sources and create tactical intelligence to better protect organisational assets.
- Collaborate and communicate with various internal teams – SOC, IT teams, Internal Audit, Legal, and various business stakeholders.
- Work alongside local and global teams in a 'follow-the-sun' model.
REQUIRED EXPERIENCE / BACKGROUND / KNOWLEDGE
Suitable for a Senior SOC or CSIRT Analyst with proven experience responding to multi-level cyber incidents in enterprise environments. Ideal for someone with a digital forensics background who can confidently communicate and 'see the big picture'.
- Proven Cyber Security Incident Response experience.
- Background in digital forensics.
- Experience using SIEM, EDR, and digital forensics tools.
- Threat hunting skills and ability to create queries to detect incidents.
- Ability to translate orchestration design documents into SOAR playbooks.
- Scripting experience is beneficial – e.g. Python, PowerShell, etc.
- Cloud security knowledge is beneficial – including techniques to secure cloud environments & cloud Incident Response.
- Background inside enterprise environments, preferably with globally dispersed teams.
- Strong attention to detail, problem-solving & analytical skills.
- Clear & confident communication & stakeholder management abilities.
- Australian Citizenship and ability to obtain NV1 clearance is essential.
COMPENSATION & BENEFITS
Full-time permanent role with hybrid working. Salary range $140,000 – $150,000 (plus super) – depending on experience.
NOTE
Australian Citizenship and ability to obtain NV1 clearance is essential for this position and successful applicants will be contacted.