Lead Cyber Analyst

**Location**:ACT, QLD, VIC, WA**

**Work Arrangements: Onsite**

**Security Clearance**:Must have NV2 Clearance

LH-01845

Cyber Analysts / Engineers provide operational and cyber system security management and administrative services.

**Cyber Analysts** will provide ICT security advice and assistance to government, including policy creation, project advice and assistance, and research. They need to understand cyber intrusion activities then use their research skills to provide reporting on threat modelling and intelligence. They will be organised, dynamic, outcome-orientated individuals with strong communication skills.

**Cyber Security Engineers** will implement, manage and retire the infrastructure (including physical, virtual, networking and cloud infrastructure) that supports digital services.

**Job Duties and Responsibilities may include**:
**Analysts**:

- Deliver complex briefs and cyber intelligence reporting related to the Australian Signals Directorate and national security issues.
- Undertake complex research and analysis of relevant cyber threat actors to provide situational awareness on the current and emerging threat to the Australian Signals Directorate.
- Analyse identified cyber threat event data and fuse with all-source intelligence in order to identify, model, and track threat actors targeting the Australian Signals Directorate, and recommend any required actions.
- Understand and use analytical tools and techniques to develop cyber threat activity-related assessments.
- Coordinate with senior leadership.

**Engineers**:

- Lead the coordination for the design, development, testing, implementation, documentation, support, security, maintenance or enhancement of signals intelligence systems.
- Utilise contemporary knowledge of the Information Communication Technology profession to create innovative technical solutions, to support the signals intelligence function.
- Design and implement solutions to issues impacting on the signals intelligence function.

**Requirements**:
**Technical skills required**:

- (preferred) Holds a Bachelor of Computer Science, Computer Systems Engineering or an Intelligence related discipline or equivalent qualification/work experience in either of these fields:

- Penetration Testing,
- Host and/or network Forensics, or
- Intelligence Analysis.
- At least 5 years' experience as a Cyber Analyst / Engineer or similar role.
- Extensive experience with network security technologies from vendors such as Palo Alto, Cisco, Sourcefire, FireEye, Blue Coat, Gigamon and Ixia.
- Vast experience installing and configuring COTS network security devices such as Next Generation Firewalls (NGFW), Intrusion Detection Systems (IDS), NetFlow and Network Visibility appliances.

**Essential criteria**:
1. F1:5 - Intrusion Detection and Analysis: Level 5 (CIISEC) Analysts: Manages intrusion and analysis teams. Responsible for taking decisions on appropriate response, escalating as necessary. Liaises with relevant threat intelligence units. Appropriate and relevant certifications include CREST Certified Network Intrusion Analyst, CREST Certified Host Intrusion Analyst, CREST Certified Malware Reverse Engineer.

2. B1:5 - Threat Intelligence, Assessment and Threat Modelling: Level 5 (CIISEC) Analysts: Undertakes complex threat intelligence/modelling tasks or threat assessments without supervision. Manages threat intelligence/assessment teams. Appropriate and relevant certifications include CREST Certified Threat Intelligence Manager.

3. I1:5 - Research: Level 5 (CIISEC) Analysts: Has led teams responsible for delivering against Information Security research strategies and/or programmes. Supervises and/or mentors research work of less experienced researchers.

4. DESN 5 - Systems design: Level 5 (SFIA) Engineers: Designs large or complex systems and undertakes impact analysis on major design options and trade-offs. Ensures that the system design balances functional and non-functional requirements. Reviews systems designs and ensures that appropriate methods, tools and techniques are applied effectively. Makes recommendations and assesses and manages associated risks. Adopts and adapts system design methods, tools and techniques. Contributes to development of system design policies, standards and selection of architecture components.

5. SCTY 5 - Information security: Level 5 (SFIA) Engineers: Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Contributes to development of information security policy, standards and guidelines. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Develops new architectures that mitigate the risks posed by new technologies and business practices.

6. HSIN 5 - Systems installation an