EMPLOYMENT

About the Team As an Information Security Analyst for Information Security Branch, you will work with teams from across the organisation to ensure interoperability of systems so that a variety of security incidents and risks across all Defence Intelligence networks are appropriately detected, addressed, and reported on to enable the security of the ASD's IT systems and missions. As a critical member of our Information Security Branch, our Information Security Analysts are generally responsible for: Achieving moderately complex analysis and investigation of malicious cyber security incidents. Communicating with, responding and providing advice to a range of stakeholders on moderately complex operational and administrative issues. Utilising a diverse set of tools and capabilities to investigate cyber security incidents. Proactive system monitoring. Continuous improvement and optimisation across systems. Documenting their work. The role will require excellent communication skills as you engage across the Agency and the Defence Intelligence Agency's (DIAs). You will need to manage your activities and performance in accordance with legislation and the ASD policies and procedures. High levels of maturity and professionalism are requirements of this role due to the sensitive nature of some tasking. This will require Information Security Branch analyst to display sound judgement, integrity, honest and discretion across all tasks and work processes. As a branch, Information Security will support your development in the agency through training and mentoring both on and off the job, providing the opportunities for you to push your skills within a strong and supportive work environment. We are looking for candidates who are motivated to leverage these opportunities to grow and develop their skills to further support ASD's mission. About the Role The duties of an ASD 4 & 5 Information Security Analyst occupation in ASD include the following: The ASD 4 Information Security Analyst role is responsible for monitoring Security situational awareness and automation tools for security events and alerts, including the analysis, investigation, escalation or closure of alerts. The ASD 4 Analysts perform the following tasks: Monitor incoming alert queues for potential security incidents Perform initial investigation analysis and triage of alerts, documenting findings in the Incident Management platform Maintain use-case playbooks, checklists and analyst Standard Operating Procedures (SOPs) Monitor the log health of SIEM Index's and report variations outside normal levels to Senior Analysts, Security Engineers and their team lead Support Incident Response and Investigation activities as required Conduct research and intelligence gathering regarding emerging threats and exploits The ASD 5 Information Security Analyst is responsible for monitoring Security situational awareness and automation tools for security events and alerts, with a greater degree of autonomy than expected from an ASD 4 Analyst. The ASD 5 Analysts perform the following tasks: Investigate information security incidents in line with broad direction set out by senior staff, while ensuring that incident response processes are being followed. Analyse and resolve identified security incidents in accordance with established procedures and recommend any required actions. Contribute to digital forensic investigations by processing and analysing evidence and artefacts in line with policy, standards and guidelines and support production of forensics findings and reports. Utilise a diverse set of capabilities, including various SIEM and investigation capabilities, to investigate cyber security and insider threat incidents. Be able to develop skills in new capabilities as required as part of investigations. Provide assistance with the development of a technical remediation plan and deliver findings to system owners and stakeholders. Communicate technical findings and recommendations through formal reporting, briefs, emails and verbal advice in accordance with the Australian Signals Directorate writing standards. Collaborate with organisations and stakeholders to provide remediation advice/plan to system owners and managers in order to improve system security posture. Build and sustain effective working relationships with team members and actively participate in teamwork and group activities. Facilitate appropriate direction, including technical direction, for their employees by clearly communicating goals and objectives. Further information can be found at: I'm changing my career | Australian Signals Directorate (asd.gov.au) The key duties of the position include The ideal candidate will have experience in the following areas: A solid understanding of cyber security concepts and/or enterprise IT systems. Excellent written and verbal communication skills. A critical and analytical mind-set. Demonstrable success in problem solving. Sound stakeholder relationship skills. ASD is seeking applicants to fill current and anticipated vacancies and to create a merit pool for future vacancies. In line with the Australian Public Service Commissioner's Direction 2022, upon completion of the recruitment activity, the merit pool will be available to locations across Australia.