Cyber Security Operations Specialist

Summary about this job

Detail information about job Cyber Security Operations Specialist. Terms and conditions vacancy

• Work for a company that understands and values tech
• Brand new $73 million headquarters located in the heart of the Sunshine Coast
• Exciting & challenging workplace environment

Youi prides itself on being different. We've challenged the Australian insurance industry and we've worked hard to build a strong brand and an agile and innovative culture. Our unwavering commitment to our people (1,400 across three countries) and being a great company to work for is key to our success.

We are currently looking to recruit an experienced Security Operations Specialist. Working as part of the Security Operations Team, you will be primarily responsible for SIEM & logging activities relating to YOUI’s fleet of Endpoints, Servers & Security devices & Infrastructure – This infrastructure spans 3 x countries.

The Security Operations Specialist performs two core functions for the enterprise. The first involves the day-to-day monitoring, triage and security incident management of Youi’s computing environment and application services. The second relates to the development, customisation and operation of the Security Information and Event Management (SIEM) platform.

The ability to perform granular analysis of events & correlations relating to end-users, endpoints, servers, load balancers, firewalls and similar infrastructure will be imperative. 

You will be monitoring both emerging threats, aswell as emerging technologies & practises, on a daily basis.

Implementing & customising event correlations & operational security metrics that will assist in shaping improvements in business & security practise will be key.

The ability to analyse potential security incidents or events & determining if an event or incident is a genuine security breach will be paramount. Similarly, harvesting & preserving related evidence for further analysis, reporting, or legal action will be just as important.

Working with the other members of the Security Operations team to build platforms & architectures that are resilient to attack will be key.

Experience implementing, integrating, monitoring, and supporting security activities grounded in Firewalls, WAF’s, Endpoint anti-viral products & DLP will be highly advantageous.

The ideal candidate would have

• Experience and technical qualifications relating to relevant technologies and products (SPLUNK, SANS, ISC2 certifications)
• A thorough understanding of SOC environments
• Strong analytical and technical skills
• Demonstrated track record in detection, investigation and problem-solving skills.
• A solid understanding of IT security architectural principles and frameworks
• Highly developed analytical skills
• Strong communication skills and customer service ability
• Strong knowledge on Information Security, Network Security, and Cloud-based I.T. architecture.
• Experience in network, host, data and/or application security in multiple operating system environments.
• Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.
• Experience working with internet, web, application and network security techniques.
• Experience working with relevant operating system security (Windows, Solaris, Linux)
• Experience working with Next-generation firewalling (Palo Alto), WAF’s (F5), network scanning, and intrusion detection products aswell as authentication technologies, will be highly regarded.

Roles & Responsibilities:

• Act as first responder for Cyber Security Incidents, Events and ensure cyber security incidents are managed and communicated to the necessary stakeholders according to sensitivity and criticality.
• Produce metrics and reporting on the state of system and network security, threat, vulnerability and patch management.
• Design and deliver actionable Information Security dashboard and scorecards
• Write comprehensive threat reports including assessment-based findings, outcomes and recommendations for further system security enhancement. The ability to communicate with varying levels of customers & stakeholders. The ability to engage with Vendors & related technical support
• Define, develop and maintain operating standards, procedures and work instructions for all cyber security components/services.

How to Apply

For more information or to apply please send your resume through Apply Now or call Daniel Simpson on 07 3175 5480 [link removed]