NSW, Australia

Senior Security Analyst

 Job Description:

A Snapshot

As the ICT Security Analyst, reporting directly to the ICT Security Advisor you will work closely with the rest of the ICT team, making your mark in a number of ways:

  • Implementing enterprise cloud security controls, aligning to frameworks such as AWS Well-Architected, Cloud Security Alliance Cloud Controls Matrix, and country-specific standards
  • Perform security reviews for applications and systems used across the client, from initial procurement through adoption and operation
  • Support the Information Security Management System in ensuring that the client meets its compliance requirements and deliver customer success

Your Day to Day

  • Identify, document, and raise security vulnerabilities and threat events relevant to the client cloud applications
  • Make sure the client Information Security Policy and security architecture principles are being followed
  • Research new cloud security capabilities in the market and document
  • Support the client ICT incident response function through threat monitoring, escalation, investigation and response
  • Assist the ICT Security Advisor in engaging with third parties (such as vendors, consultants, and service providers) and business partners on cloud security
  • Find opportunities for improvement and perform proof-of-concept activities
  • Promote secure user behaviour across the client through awareness initiatives

Requirements

  • Demonstrated ability in implementing and assessing security controls for cloud environments such as Azure and Office365
  • Have Baseline or NV1 Clearance or able to get one
  • Tertiary qualifications or equivalent experience in information technology and/or security
  • Solid grasp of the Shared Responsibility Model for cloud security, and the control set applicable to cloud assets
  • Full proficiency in written and spoken English
  • Superb communication skills and ability to connect effectively with all professional levels within the organisation
  • Good understanding and experience using vulnerability and penetration testing tools well regarded
  • Cyber Security industry certifications (e.g. CISSP, GICSP, CISM, GSEC, etc) are a plus
  • Strong WinTel and Networking skills
  • Strong time management and collaboration skills

  Required Skills:

Security