Aps 6 - Insider Threat Security Specialist

$91,702 - $104,753 + 15% BDCP + up to 15.4% Superannuation
- Harman - ACT

**The Role**
We are currently recruiting for several ICT technical specialists in our Melbourne and Canberra offices.

As an APS 6 Insider Threat Security Specialist, you will be responsible for:

- Reviewing ICT system designs, identifying information and process risks and offer guidance on technical monitoring treatments to mitigate identified risks.
- Setting work priorities, managing workflows, tasking/training staff and undertaking stakeholder engagement and management with internal and external stakeholders.
- Developing and maintaining queries, rules and alerting within the SIEM tools to identify indicators of system misuse.
- Technical development, documentation and implementation of business processes to enhance insider threat monitoring capabilities.
- Providing technical advice and expertise for ICT security incident response and administrative investigation purposes.
- Manipulation, transformation and decoration of raw events to enable threat monitoring.
- Generate reliable and accurate reporting to stakeholders and senior management.
- Gaining and maintaining comprehensive knowledge of cyber security legislation, policies and procedures.

This role is eligible for an additional remuneration benefit known in Defence as a Building Defence Capability Payment (BDCP). This enables Defence to provide a premium, in addition to the base salary otherwise payable under the Defence Enterprise Agreement (DEA), for positions in occupational disciplines/classifications that are critical to Defence capability. For further information, please contact the contact officer.

**About our Team**
The Directorate of Insider Threat and Investigative Support (ITIS) is a highly skilled team comprised of cyber security professionals with a specialised focus on the timely detection and response to insider threats and digital indicators of security concern within the Defence Enterprise portfolio.

ITIS is a multidisciplinary team operating within Defence’s complex and high-tempo environment. We work closely with internal and external stakeholders, including Investigative Authorities, to provide intelligence and digital artefacts to an evidentiary standard in support of digital security operations and investigations. As part of Defence Cyber and Information Assurance Branch, ITIS reports to the Defence Chief Information Security Officer (CISO) and operates as part of the broader Defence Cyber Security ecosystem. ITIS contributes to the overall Defence ICT security posture through monitoring and the development of ICT security policy settings. ITIS collaborates closely with risk and assessment management teams, ICT service providers and project teams to mitigate risks within the Defence Information Environment and achieve positive security outcomes.

The ITIS directorate comprises of seven sections including Investigation Support, Insider Threat Intelligence, SIEM Engineering & Automation, ICT Platform Management, Sensitive Data Analysis, Protective Monitoring and Data Feed Assurance. These roles are within SIEM Engineering & Automation, ICT Platform Management and Data Feed Assurance

Team orientated collaborator with a strong passion for Information Technology and Cyber Security with the ability to understand and interpret ICT and technical indicators from a variety of sources, including logs, metadata, and Security Information and Event Management (SIEM) systems to detect and respond to security risks in a timely manner.

The following attributes, skills and experience will be highly regarded:

- Information Technology (IT) System Administration and skills with significant experience across a variety of platforms.
- Data Analysis skills, experience building queries to extract relevant data from datasets.
- Experience in analysing events and developing content using SIEM tools.
- High attention to detail and advanced data manipulation and analytical skills.
- Ability to interpret and convey technical information to a broad range of stakeholders.
- Understanding of relevant legislation, policies and procedures regarding data sharing, privacy, investigations and information security.
- Broad and substantial knowledge and experience in risk management.