Cybersecurity Response Specialist

As the needs of our customers change, so do we.

At AGL, we believe progress is powered by our people.

If you’re set on making real change for tomorrow, we have the scale, resources and ambition to get it started today.

Now’s an extraordinary time to work with us. We’re taking the lead on renewables and expanding our products to make them more sustainable, affordable and useful for all Australians.

That’s what we call progress. To achieve it, we’re bringing together people with unique stories, perspectives, backgrounds and talent - and we need yours too

About the role:
The Cybersecurity Response Specialist is the key member of the Cyber Defence and Response team and responsible for operating and enhancing the technical cyber response capabilities of the SOC. You will involve in the cyber incident response activities during crisis as well as ideate, develop, and conduct cybersecurity exercises during peacetime.

The role is also expected to drive the development and maintenance of security playbooks and response plans as an ongoing activity with multiple stakeholders.

What you'll be doing:
- Contribute and actively participate in the end-to-end cyber incident response activities within IT and OT environment during peacetime and crisis.- Working with multiple stakeholders before, during and after an incident in understanding specific response requirements.- Provide specialised third-level support, coordination with relevant stakeholders and technical assistance on any cybersecurity incidents to ensure it is handled in accordance with the response plans and playbooks.- The role is expected to be in the scheduled on-call rotations- Implement appropriate containment and remediation techniques in prevention of further incident- Participate and contribute in cybersecurity engineering activities for new and existing use cases.- Work with detection engineering function to provide new detection and monitoring requirements as part of the cyber response activities.- Provide documented reporting as part of cyber security incidents response activities, exercises, and key learnings as well as periodic reporting on cybersecurity response measurable metrics to relevant stakeholders.

About you:
You will bring a fundamental understanding in Security Operation Centre environment with some exposure in systems engineering or integration knowledge and experience with IT platforms and Operating Systems such as in Windows or UNIX/Linux.

What you can bring to the role:
- Cybersecurity incident response practices from the industry’s recognised framework- Mitre ATT&CK framework- Cybersecurity simulations and exercises- Understanding of attacker’s tactics, technique, and procedure- SIEM technologies.- Endpoint Detection and Response.- Network perimeter controls - Network security monitoring-
- Security Orchestration and Automation- Proxies/VPNs- Knowledge regarding Active Directory and threats faced by AD - Azure cloud security issues considerations especially in Azure AD and Office 365- Group Policy configurations and windows events in general- Industrial Control Systems (ICS) security in the Operational Technology (OT) environment- Cyber security simulation and exercises- Python or PowerShell scripting skill is highly valued- EndpointsReach out to us if you have any questions.

Please note - unsolicited resumes from agencies will not be accepted by AGL.

LI-Hybrid

COVID-19 Vaccination Policy

Inclusion at AGL

AGL has a commitment to maintain a diverse workforce, and welcomes the opportunity for applicants to share their lived experiences. We also recognise that some applicants may not wish to disclose, and we respect their decision. To learn more about reasonable adjustments that can be offered throughout the recruitment process, please visit:
Job Family Group:
Information Technology - Internet-Based