Aps 6 - Insider Threat Analyst

$91,702 - $104,753 + 15% BDCP + up to 15.4% Superannuation
- Harman - ACT

**The Role**
As an APS 6 Insider Threat Analyst, you will be responsible for:

- Performing complex analysis of logs, evidence or digital artefacts in accordance with relevant policies, processes, standards and guidelines.
- Exercising a high degree of initiative, judgement, accountability, autonomy, and discretion for actions taken to prevent, detect, and respond to insider threats, security incidents and requests for information.
- Managing multiple competing priorities and be able to clearly and concisely articulate analytical and technical information (including insights drawn from a range of data sources) through the provision of detailed and accurate briefs, reports and correspondence (verbal and written).
- Senior analyst management responsibilities including but not limited to setting work priorities, managing workflows, tasking/training staff and undertaking considerable stakeholder engagement and management with internal and external stakeholders.
- Developing, documenting and implementing business processes to enhance insider threat capabilities.
- Leading the development and implementation of controls or actions to mitigate risks identified through complex analysis.
- Maintaining comprehensive knowledge of information security legislation, policies and procedures.

This role is eligible for an additional remuneration benefit known in Defence as a Building Defence Capability Payment (BDCP). This enables Defence to provide a premium, in addition to the base salary otherwise payable under the Defence Enterprise Agreement (DEA), for positions in occupational disciplines/classifications that are critical to Defence capability. For further information, please contact the contact officer.

**About our Team**
The Directorate of Insider Threat and Investigative Support (ITIS) is a highly skilled team comprised of cyber security professionals with a specialised focus on the timely detection and response to insider threats and digital indicators of security concern within the Defence Enterprise portfolio. ITIS is a multidisciplinary team operating within Defence’s complex and high-tempo environment. We work closely with internal and external stakeholders, including Investigative Authorities, to provide intelligence and digital artefacts to an evidentiary standard in support of digital security operations and investigations.

As part of Defence Cyber and Information Assurance Branch, ITIS reports to the Defence Chief Information Security Officer (CISO) and operates as part of the broader Defence Cyber Security ecosystem. ITIS contributes to the overall Defence ICT security posture through monitoring and the development of ICT security policy settings. ITIS collaborates closely with risk and assessment management teams, ICT services providers and project teams to mitigate risks within the Defence Information Environment and achieve positive security outcomes.

The advertised roles are within three separate analytical teams and successful applicants will be offered placements against preferences nominated at interview and the recruitment panel’s assessment of best fit for the role:
Protective Monitoring - Undertakes assessment and response to alerts and trending provided by the capabilities Security Incident Event Management system. This includes case referral, trending and statistical review and reporting, incident response activities and stakeholder engagement.

You will have exceptional data analysis skills, including the ability to understand and interpret ICT and technical indicators from a variety of sources, including logs, metadata, and Security Information and Event Management (SIEM) systems to detect and respond to security risks in a timely manner.

The following attributes, skills and experience will be highly regarded:

- Ability to interpret and convey technical information to a broad range of stakeholders.
- Strong written and oral communication skills, including the ability to devise reports with consistency and accuracy.
- Extensive stakeholder engagement and management skills, with the ability to manage multiple competing priorities.
- Experience with analytical tools (e.g. SIEM, Excel, PowerBI, Splunk, NUIX/Ringtail, or similar).
- Experience in ICT security operations or investigations.
- Understanding of relevant legislation, policies and procedures regarding data sharing, privacy, investigations and information security.