Cyber Security Threat Intelligence Analyst
Through an industry-leading commitment to innovation, our client is investing in Australia's energy future by developing the full portfolio of energy resources, including cleaner energy, renewables and energy efficiency, and is looking ahead by creating new products and services to help brighten the lives and businesses of millions of customers nationwide. As our client continues to build their internal capabilities, they are also looking to increase performance whilst providing a framework within which the retail energy business can innovate and grow. They are seeking a Cyber Security Analyst to help drive initiatives to ensure all necessary systems are monitored to the appropriate levels and security breaches are detected and responded to in a timely and rapid manner.
This role will focus on maintaining awareness of cyber activity by reviewing open and closed source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the company, and extracting indicators of compromise.

Key responsibilities:
- Leverage insight from internal telemetry and review security incidents for intelligence value and conduct malware analysis of attacker tools to provide indicators for enterprise defensive measures
- Perform cyber threat intelligence analysis, correlate actionable security events, perform network traffic analysis using raw packet data, net flow, IDS, IPS, and custom sensor output as it pertains to the cyber security of communication networks, and participate in the coordination of resources during incident response efforts
- Compile, produce, and disseminate cyber threat intelligence (e.g., technical and status reports, briefings, recommendations, etc.) to analysts, management, and executives
- Provide an accurate depiction of the current and emerging threat landscape and anticipate actions of threat actors
- Identify gaps and repeat problems (trend analysis)
- Recommend improvements to enterprise technology environment across all platforms
- Perform assessments of systems and networks

This role requires a wide variety of strengths and capabilities, including:
- Bachelor's degree or equivalent experience
- Knowledge of internet and network technologies; specifically TCP/IP, UDP, SMTP, HTTP, HTTPS, FTP, SFTP and FTPS; any other Internet and network technologies would be an asset
- Strong understanding of and exposure to security tools such as firewalls, IDS/IPS, anti-virus, anti-spam, and server and network device hardening
- Ability to write and modify scripts and/or program in various languages, such as Python and PowerShell
- Working knowledge of security incident and event management systems such as HP ArcSight and Splunk
- Proven competence with using MS Office and other desktop applications
- Previous experience in maintaining and troubleshooting day-to-day operational processes, such as report generation, data verification and data correl....