Ae5 - Aee1 Cyber Threat Intelligence Specialist

**The Organisation**

The Australian Security Intelligence Organisation (ASIO) protects Australia and Australians from threats to their security. In a complex, challenging and changing security environment, our success is built on the imagination and intelligence of our team. ASIO's people are ordinary Australians but they do extraordinary things - they are our most important asset. To be successful in our mission, we need talented people who are highly capable, dedicated, adaptable and resilient.

**The opportunity**

Cyber threat and intelligence specialists work on and enhance ASIO's existing cyber threat intelligence (CTI) capability which involves refining and expanding the processes, tools, and expertise used to collect, analyse, and disseminate threat intelligence. This may include integrating new data sources, such as open-source intelligence (OSINT) feeds or internal security logs, to improve the accuracy and completeness of threat information. Additionally, enhancing ASIO's CTI capability may involve implementing advanced analytics and machine learning techniques to automate threat analysis and identification, as well as developing more effective dissemination and communication channels to ensure that threat intelligence is actionable and accessible to key stakeholders. This may also involve refining the threat modelling and risk assessment processes to better align with ASIO's specific risk profile and security priorities. By continuously enhancing CTI capability, will help improve the effectiveness of our threat detection, knowledge and response efforts, stay ahead of emerging threats, and maintain a strong cybersecurity posture.

A merit pool may be created to fill future vacancies which have the same or similar requirements to this position. This merit pool will be valid for up to 18 months.

This role may attract an additional technical skills allowance of up to 10% of base salary.

**Role responsibilitie**s

In this position you will:

- Leverage your understanding of cyber threat intelligence (CTI), technical analysis and automation to enhance and improve ASIO's CTI platform and tools enabling technical analysis automation on malware.
- Maintain and enhance cloud-native solutions using containerisation and orchestration tools.
- Manage the backend infrastructure, including cloud infrastructures, data storage and backups.
- Support the front-end development and user access, including roles and permissions.
- Troubleshoot various complex technical issues.
- Collaborate with internal teams to support the management of these tools.

**What you will bring**
- Strong analytical and problem-solving skills, with the ability to work under pressure.
- Demonstrated ability to work closely with stakeholders, including internal technology teams, external managed service providers, vendor professional services and domestic and international partners.
- Proven track record and professional history in systems engineering to deliver secure, trustworthy, sustainable and cyber resilient ICT enabled capabilities.
- Solid understanding of AWS and/or Azure security architecture concepts and knowledge and experience with cloud services such as containers, CI/CD pipelines, secure code management and S3 storage.
- An ability to handle large data sets, preferably with experience in using NiFi, ELK (Elasticsearch, Logstash, Kibana) and OpenSearch.
- Familiarity with enterprise operating systems e.g. Ubuntu and Red Hat.
- Experience with API management using REST APIs.
- Strong ability to communicate effectively both orally and in writing - including effectiveness in negotiation, consultation and representation both internally and externally.
- Demonstrated skills in time management and handling competing priorities.

The following qualifications or experience are desirable, but not essential:

- Relevant certifications with containerisation (Kubernetes and Docker) and software development (Python).
- Experience in the design, implementation and/or maintenance of enterprise systems
- Experience with threat intelligence platforms (e.g. OpenCTI, MISP, etc.).
- Knowledge of security frameworks and standards such as the Information Security Manual (ISM).
- At the AEE1 level (EL1 equivalent), a relevant degree or equivalent work experience, with strong technical expertise and relevant work experience in a role related to the implementation of CTI platforms, technical analysis or automation.
- At the AE5/6 level (APS5 and APS6 equivalent), a relevant degree or equivalent work experience in a role related to the implementation of CTI platforms, technical analysis or automation.

**What we offer you**

ASIO provides a number of benefits to its staff including:

- A competitive salary, including a 7.5% allowance for maintaining a TOP SECRET-Privileged Access security clearance.
- Employer superannuation contributions of 15.4%.
- A variety of leave options, in addition to the standard 4 weeks annual leave to ensure your work-li