Information Security Intelligence Analyst

Leadership Opportunity (and still get your hands on the tools)
- A globally known ASX company
- Some of the best benefits in the market
- Someone with expereince incorporating security operations capability, risk management and business outreach.
- Someone who has been a part of the key functional areas of detection engineering, threat intelligence and incident response.

**Benefits**:
We’re committed to looking after you, with some of the best benefits and conditions in the industry - including (but not limited to):

- Heavily discounted travel for you and your loved ones
- Flexible working arrangements (including work hours and work from home)
- Discounts on insurance, car hire, accommodation and experiences worldwide
- Discounted membership
- Hospitality, retail, technology, beauty services and wellness discounts
- Wellness support
- A comprehensive Employee Assistance Program, which offers confidential coaching and support from qualified professionals for all aspects of life - physical, mental, social and financial
- Dress for Your Day - enjoy the freedom to wear whatever is appropriate for the type of work you do and the day you have ahead of you
- Cohesive well-balanced team.
- No hierarchy
- Work well together.
- Open and collaborative culture.
- Hire people with leadership potential.
- Don’t mandate specific working days.
- Datacom are their service provider.

**Your day to day**:

- Develop and operate a security intelligence process which works at the intersection of detection engineering, threat intelligence and incident response.
- Track the evolving tradecraft, tactics, techniques, and procedures of threat actors targeting the aviation sector to aid threat-informed risk management.
- Craft and execute hypotheses for threat hunting and adversarial assessment based on incoming intelligence.
- Communicate the evolving threat picture to the key stakeholders by crafting tailored intelligence dispatches.
- Constantly assess the efficacy of security operations against common threat analytic frameworks like MITRE ATT&CK and recommend ways to address the gaps.
- Implement the tooling for gathering and analysing threat intelligence and develop the intelligence products to be consumed by the strategic and tactical audiences.
- Influence detection engineering by improving observability on log sources and defining use cases which bolster the security intelligence process.
- Integrate threat intelligence into the incident response and crisis management frameworks.
- Provide intelligence support for incidents and escalations and lead security response if the situation necessitates.
- Plan and conduct tabletop exercises and revise the playbooks for incident response.
- Develop and maintain external intelligence relationships with partner organisations.
- Deputise for the Information Security Operations Manager and be on-call if needed.

**About you**:

- Background in one of the following areas: threat intelligence, security operations and incident response.
- Understand the modern security operations stack.
- Demonstrated experience in operating technologies like Security Information & Event Management and Endpoint Detection & Response.
- A conceptual understanding of analytic frameworks like MITRE ATT&CK, CREST CBEST and Diamond Model.
- Possess mature stakeholder management skills and demonstrate the emotional intelligence to deal with complexity and uncertainty.

**Work type**: Full Time.
**Location**: Brisbane, Canberra, Melbourne, Sydney.

If you are interested in applying, please send me your cover letter and CV. If you have any questions, let’s have chat.

Kind regards,

**Kris Rosentreter**
m. +61 452 564 644