Cyber Security Analyst

Company Description

At NCS Australia, we believe in doing technology services better. Our commitment to quality, focus on people, and willingness to challenge traditional thinking set us apart. Our team brings this belief to life by partnering with our clients and communities to make tomorrow together.

We are committed to creating an environment that prioritises innovation, collaboration, and purposeful work. Our diverse team is empowered to make a meaningful impact with curiosity, creativity and resilience to shape better outcomes. Join us and accept the challenge of creating a better tomorrow.

Job Description

We are looking for a skilled Security Analyst to play a crucial role in safeguarding our clients organization's digital assets by possessing a comprehensive understanding of risk assessment and mitigation strategies. This involves the ability to meticulously analyze potential threats and vulnerabilities within systems and infrastructure, evaluating their likelihood and potential impact. Based on this thorough analysis, the analyst is responsible for developing and implementing robust mitigation strategies, effectively reducing the organization's exposure to security risks. Furthermore, a key aspect of this role is the proactive identification of security weaknesses, often through techniques such as vulnerability scanning and penetration testing. The analyst must then be capable of translating these findings into actionable solutions, often collaborating with software development teams to integrate security considerations directly into the software design process. This ensures that security is not an afterthought but rather an integral part of the system's architecture.

For Security Analyst to excel in this demanding environment, certain specialized knowledge and experience are highly valued. A strong understanding of security best practices specifically tailored for API development is increasingly important in today's interconnected digital landscape. This includes knowledge of secure authentication and authorization mechanisms, data validation techniques, and strategies to prevent common API vulnerabilities. Moreover, familiarity with the security frameworks and processes commonly employed within the Federal Government sector is a significant advantage. This often involves adherence to specific compliance standards, risk management methodologies, and security documentation requirements. Finally, practical, hands-on experience with Amazon Web Services (AWS) security tools is highly desirable. This includes proficiency in utilizing services designed for identity and access management, network security, data protection, and threat detection within the AWS cloud environment. Additionally, the ability to conduct thorough code reviews, identifying potential security flaws and ensuring adherence to secure coding standards, is a critical skill for a well-rounded Security Analyst.

Qualifications

• Proficiency in risk assessment and mitigation: Demonstrated deep understanding of methodologies for identifying, analyzing, and evaluating potential security threats and vulnerabilities across systems and infrastructure
• Ability to identify security vulnerabilities and solutions based on software design: Proactive approach to uncovering weaknesses in applications and infrastructure through techniques like vulnerability scanning, penetration testing, and security audits. Adept at translating findings into actionable solutions and collaborating with software development teams to embed security considerations from the initial design phase.
• Knowledge of security best practices for API development: Strong understanding of common API vulnerabilities, secure authentication and authorization mechanisms (e.g., OAuth 2.0, JWT), data validation techniques, rate limiting strategies, and secure logging and monitoring practices for APIs.
• Preferred experience with security frameworks and processes used in Federal Government: Familiarity with Australian government security standards and guidelines, risk management frameworks, security assessment and authorization processes, and compliance requirements specific to government entities. Experience navigating the unique security challenges and regulatory landscape of the Australian Federal Government is highly desirable.
• Preferred hands-on experience with AWS security tools and ability to review code: Practical experience in configuring and utilizing AWS security services such as IAM, Security Hub, GuardDuty, WAF, and VPC security groups.
• Previous Australian government project experience: Familiarity with the specific operational context, security requirements, and stakeholder landscape within the Australian government. Understanding of the nuances of government processes and security expectations is a significant advantage.

Additional Information

Why join us:

NCS Australia is where you can feel at home, nurturing your talents and skills as we make tomorrow together, one day at a time. Our benefits include paid parental leave, initiatives focused on your well-being and discounted health insurance. You will also enjoy discounts on various products and services and be regularly recognised and rewarded for high performance. We are committed to your career development through our Capability Fingerprint, industry and partner training programs, special interest groups, and an AI-driven learning platform. No matter where you are in your career, we offer meaningful work and opportunities for growth.

NCS Australia is an equal-opportunity employer, and we take pride in our commitment to valuing and supporting our people and the communities we serve.We are dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability and age. Applications are encouraged from all sectors of the community and we strongly encourage applications from the Veterans, Aboriginal and/or Torres Strait Islander community.

At NCS Australia, we are committed to supporting adjustments throughout the recruitment and selection process, as well as during employment. We actively support and encourage people with disability to apply.

Agencies:

We've got this. We request that you do not contact NCS employees outside of the Talent Acquisition team. NCS exclusively accepts resumes from agencies on our preferred supplier panel through the NCS Agency Portal. Agencies that submit resumes must have a valid fee agreement and be assigned to the particular requisition by the Talent Acquisition team. Any resumes that are submitted outside of this process will become the sole property of NCS. If a candidate is hired outside of this process, no fee or payment will be given.

Work rights and background checks:

To be eligible for a position with us, applicants will need to have valid work rights for Australia and be willing to undergo a comprehensive background checking process, including probity and police checks