Gaz - Aps5 - Act - Cyber Security Analyst (Shift

**Contact**: hiringManagerName **Phone**: 0499 543 970
**Period of Vacancy**:Ongoing
**Number of Vacancies**:Several

**Who can apply**:
Please note this opportunity is available to current Australian Public Service employees and all eligible members of the community.

**About the Department of Home Affairs**:
Be part of something bigger: contribute to building a secure Australia that is prosperous, open and united.
Join a connected team of professionals, where you can be your authentic self; grow your career while making time for all parts of your life. Click here to see What we offer

The Department of Home Affairs is responsible for centrally coordinated strategy and policy leadership in relation to domestic national security arrangements, law enforcement, emergency management, counter-terrorism, social cohesion, the protection of our sovereignty, the integrity of our border and the resilience of our national infrastructure.

The Australian Border Force, an operationally independent body within the Department of Home Affairs, is Australia's frontline border law enforcement agency and Australia's customs service. The Australian Border Force's mission is to protect Australia's border and facilitate the legitimate movement of people and goods across it.

**Overview of the Branch and Section**:
The Cyber Risk Services Branch is part of the Technology and Major Capability Group, and is responsible for providing the Department's technical cyber security functions to ensure that cyber threats to the Department and the Australian Border Force (ABF) are identified and managed. The Branch provides the Identity Management and Access Control, Cyber Security Operations and the ICT Certification and Assurance functions. These positions are available in the Cyber Detection and Response (CDR) Section.

CDR is responsible for managing the Department’s computer network defence and cyber security incident response plan. The Section continuously monitors, detects and reports on cyber security incidents and vulnerabilities to assess the level of threat posed to the Department. The Section is also responsible for executing the appropriate response to confirmed cyber incidents, as well as providing technical expertise and capability to manage the Department’s secure investigations environment, network defence technology and data collection and analysis systems.

**About the role**:
The Cyber Security Analyst on shift is responsible for continual monitoring, triage, analysis and actioning of alerts at all hours. They will be required to assist in the collation of threat information from a variety of sources to create departmental specific intelligence that supports incident detection and the calculation of risk. The position provides a tier one/two incident response service, enacting, documenting and managing responses to security incidents.

**_Please note this position is specifically for shift work on a rotating 24/7 roster_**_, _**_including weekends and public holidays._**

**Specific duties/responsibilities**:

- Responding to events and incidents using established Standard Operating Procedures (SOPs) and Play Books
- Receiving and logging intelligence, alerts and information from a range of internal and external sources
- Assessing and triaging cyber event and incident information from a range of sources for action by the responsible teams
- Document and log incident response activities
- Provide statistical reporting on incident response activities
- Engage with Subject Matter Experts to affect response activity
- Contribute content and information to the threat information database that forms the cyber intelligence picture for the Department
- Manage and track the incident response process, ensuring events are assigned to an appropriate resolver group and actioned within an appropriate timeframe
- Assist in the creation of dashboards and reports to enable the automatic detection of threats and exploits
- Support the work of the Monitoring and Detection Support team in improving incident detection
- Investigate incidents and determine suitable responses/mitigations.

**Role requirements/qualifications**:

- Sound stakeholder relationship skills
- The ability to work with limited supervision
- The ability to quickly gain knowledge in a range of technologies
- Good communication skills.
- Mandatory_
- In depth knowledge in at least one ICT field of expertise, e.g. networks or midrange
- Demonstrated familiarity with Security Incident and Event Management (SIEM) systems
- Knowledge of the Information Security Manual (ISM) and cyber security concepts.
- Desirable_
- Formal qualifications in a Cyber Security related field
- Proven experience in ICT or Cyber Security related fields will be highly regarded
- Knowledge of data formats used to express threat intelligence information
- Unix, Windows and Networking experience
- An understanding of gateway and ICT security technologies.

**Applicant response**:
Please prepare a