Cyber Security Analyst

Company DescriptionNine. Australia’s Media Company.

Underpinned by our people, our strategic focus is on content, connections and growth.

Driven by our purpose - Australia belongs here - and guided by our values - walk the talk, turn over every stone, keep it human - we are the home of Australia’s most loved content and trusted brands across News, Sport, and Entertainment.

We lead the total television market in Australia through our key brands of Channel 9, Gem, Go, Rush and Life, and of course you can consume all our content, live or on-demand, on Australia’s leading free streaming platform, 9Now. We also own Stan, the market leading local subscription streaming service.

In our total audio business we are building talk radio for the next generation across 2GB, 3AW, 4BC and 6PR.

Nine is also an active participant in Australian consumer marketplaces through our majority shareholding in Domain and our ownership of Drive.

**Job Description**:
At Nine SOC, our mission is “Stopping Breaches”, we try to be concise about this as statements like “0 cyber security incidents” or “defend against all attacks” are misleading and superfluous. This is our highest priority and every capability that we develop and are responsible for would somehow contribute to this mission. We deal with successful and failed intrusions, insider error or malice, nation backed or financially motivated campaigns on a daily basis. The reality is that security weaknesses exist in every organisation and that circumstances causing these could be beyond our control, however, we are laser focused on doing everything we can to detect, contain and (help the business to) recover from these attacks. We leverage automation, open and closed source data at our disposal to detect and proactively develop actionable intelligence to help the business prioritise risks and mitigations against imminent threats.

The Cyber Security Analyst will be a part of the security operations team (SOC) aspiring to detect, hunt and respond to cyber security threats to Nine. This role will be a great fit for a blue teamer with understanding and interest in red team tactics and techniques, someone with an analyst mindset who wants to be actively involved in threat hunting, threat intelligence management and investigations using automation, data analysis and curiosity.

This is a hands-on role in a flexible working environment in a small but high functioning and diverse team. The role involves detection engineering, incident response, threat hunting and will be interacting with a broad set of business units. Hence, communication skills, problem solving and day to day learning are a big part of it. There is opportunity for involvement in a wide variety of cyber transformational work, training and upskilling.

**Key accountabilities for this role**:

- Investigation and analysis of alerts, advisories and incidents
- Attack surface mapping, critical vulnerability triage and impact analysis
- Curation, enrichment and correlation of indicators, creating actionable intel and managing their lifecycle
- Detection engineering, development and improvement of detection signature base across the SOC toolset
- Data and attack based threat hunting
- Reporting on threat intel, metrics and publishing internal advisories
- Automation of investigation, incident response and threat intel workflows
- Security Operations tooling management, configuration and operations
- Rotational on call roster

**Qualifications**:
**ESSENTIAL**
- Practical and flexible security mindset
- 2+ years of experience in Cyber Security
- Experience at working both independently and in a team-oriented, collaborative environment is essential.
- Deeply analytical lateral thinker with the ability to make business decisions through robust use of data;
- SIEM platform management and use case development
- Technical report writing
- Client service and management experience
- Scripting, automation and basic networking knowledge
- Excellent english and communication skills with the ability to engage at both technical and management levels.

**DESIRABLE**
- Programming experience
- Experience with network protection and EDR solutions
- Degree in Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management
- Industry certification desirable (e.g. OSCP, Security+, GSEC)

Additional Information
**Life at Nine.**

Nine is Australia’s largest locally owned media company - the home of Australia’s most trusted and loved brands spanning News, Sport, Lifestyle, and Entertainment. We pride ourselves on creating the best content, accessed by consumers when and how they want - across Publishing, Broadcasting and Digital.

Nine is a people business. Being part of the team means you’ll be in a culture that promotes creativity and innovation, diversity and inclusion, is open to feedback, rewards impact and ensures everyone is hear