Gaz - Aps5 - Act - Technical Cyber Analyst

**Contact**: hiringManagerName **Phone**: 02 6223 9376
**Period of Vacancy**:Ongoing
**Number of Vacancies**:Several

**Who can apply**:
Please note this opportunity is available to current Australian Public Service employees and all eligible members of the community.

**About the Department of Home Affairs**:
Be part of something bigger: contribute to building a secure Australia that is prosperous, open and united.
Join a connected team of professionals, where you can be your authentic self; grow your career while making time for all parts of your life. Click here to see What we offer

The Department of Home Affairs is responsible for centrally coordinated strategy and policy leadership in relation to domestic national security arrangements, law enforcement, emergency management, counter-terrorism, social cohesion, the protection of our sovereignty, the integrity of our border and the resilience of our national infrastructure.

The Australian Border Force, an operationally independent body within the Department of Home Affairs, is Australia's frontline border law enforcement agency and Australia's customs service. The Australian Border Force's mission is to protect Australia's border and facilitate the legitimate movement of people and goods across it.

**Overview of the Branch and Section**:
The Cyber Risk Services (CRS) Branch performs two core interrelated functions. The first ensures continuous maturity improvement against the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM). The Section acts as the second line of assurance that involves risk oversight and compliance functions for managing the confidentiality, integrity and availability of all official information. The second function is network defence through detecting and responding to intentional and unintentional activities by both external and internal threat actors that could compromise the Department’s information and ICT assets.

The Cyber Prevention (CP) Section contributes to the Home Affairs purpose of a prosperous, secure and united Australia by assuring the Cyber Security Operations Centre, informing measures to defeat adversaries prior to an incident and improving system security confidence.

**About the role**:
The Technical Cyber Security Analyst will be responsible for performing activities assuring the confidentiality, integrity and availability of the Department’s systems and networks against advanced threats. The position will be involved in planning and conducting threat hunts, penetration tests, as well as Red and Purple Team exercises.

The position will require knowledge of penetration testing, log and artefact investigation methods and experience in incident response (IR). The position will involve analysing large and complex ICT and operational environments for exploitable issues or evidence of compromise. The position will also involve ensuring that threat emulation engagements are performed correctly and that any impact on the Departmental environment and systems is minimised. The position will contribute to reports for both technical and non-technical audiences. Analysts may also be required to assist with the Department’s Incident Response activities.

**Specific duties/responsibilities**:

- Analysts will be required to identify anomalous network traffic patterns, interrogate and analyse low-level operating system functions and utilise statistical analysis methodologies to attempt to uncover evidence of malicious tooling, techniques or behaviours
- Assist with the creation of automated tooling and signatures to assist the Department’s technical cyber capabilities
- Perform threat emulation activities requiring technical expertise in complex environments and scenarios
- Provide input into the enhancement of the Department's threat hunt and emulation capabilities, including the implementation of frameworks and related processes and procedures
- Assess and suggest improvements to analysis methods and workflows to increase overall team efficiency
- Develop threat-hunting hypotheses, contextualised by the portfolio’s threat landscape.

**Role requirements/qualifications**:

- Mandatory_
- Extensive experience in ICT or cyber security related fields
- Proven stakeholder engagement and relationship management skills
- Demonstrated proficiency in undertaking technical research and analysis, and the ability to translate and present information appropriately.
- Desirable_
- Tertiary qualification in ICT, Mathematics or Engineering
- Industry recognised cyber security qualifications - for example OSCP, GPEN, GCFE, GCFA
- Understanding/experience with cyber incident response, digital forensics or penetration testing
- Sound communication and stakeholder relationship skills
- Strong and adaptive critical thinking skills
- Technical writing skills to document investigation findings and methodologies employed
- Strong programing or scripting experience
- Experience performing a cyber-secur