Cloud Cybersecurity Engineer supporting multi - cloud environments for critical USAF missions. Designing, deploying, and maintaining security for AWS, Azure, Google, and Oracle Clouds.
About the role
- Cybersecurity Incident Responder in Datacom's CSIRT team investigating major incidents and conducting digital forensics. Collaborating with stakeholders and providing proactive response services.
Responsibilities
- Conduct thorough investigations into major security incidents, determining root causes, impact, and mitigation strategies. Providing expertise and support to contain, eradicate, and recover from such security incidents.
- Conduct analysis of affected systems utilising forensic techniques to thoroughly examine system events and adversary activities.
- Utilise security tooling such as EDR, SIEM, XDR, & Identity technologies to assist your investigation of confirmed or suspected compromises.
- Undertake log & correlation analysis and construct a timeline of adversary activities.
- Identify intrusion vectors & root causes and develop recommendation actions to prevent similar incidents.
- Collect digital forensics evidence from affected systems in accordance with industry standards for image acquisition and preservation of digital evidence.
- Produce comprehensive, detailed DFIR reports outlining the investigative steps undertaken, your findings, and recommendations.
- Support the coordination of containment, eradication and recovery efforts based on available information and established processes.
- Analysis of incident response effort, with feedback from the customer and third parties as part of Post Incident Reviews (PIRs) and Lessons Learned.
- Deliver proactive incident response services which include tabletop exercises, threat hunting, compromise assessments, breach readiness assessments, threat intelligence briefings, and threat modelling.
- Communicate with senior stakeholders within Datacom and our customers.
- Work with other members of the CSIRT team, to develop the technical capabilities of the CSIRT - including improving the processes and technology to deliver successful outcomes to customers and stakeholders.
- Participate in an on-call roster for major incident response.
- Occasional planned or last-minute/urgent travel to customer sites will be required for certain customer facing engagements. This may include a customer site in your home city, or travel to other customer sites within Australia and New Zealand.
Requirements
- The mindset of an investigator. We are looking for someone who is able to search for evidence of compromise and previously undetected adversary behaviour.
- Confidence in communicating with a variety of senior stakeholders, including Senior Leadership teams in difficult / tense situations.
- Experience in responding to high-profile cybersecurity incidents that have had significant operational or privacy impacts to the affected organisation such as ransomware & data breaches.
- Experience in digital forensics & incident response (DFIR) with an understanding of key system & digital forensic artifacts and how they are useful in a cybersecurity investigation.
- Experience using DFIR tools such as EnCase, X-Ways, Magnet Axiom, Velociraptor, KAPE, & THOR.
- Proven knowledge and experience of efficiently searching large datasets across multiple log sources and underlying platforms including XDR/EDR and SIEM products such as CrowdStrike, Microsoft Defender, Splunk, or Sentinel.
- A strong understanding of current and emerging attacker behaviours, tools, tactics, and techniques.
- An understanding of various security frameworks and methodologies such as NIST CSF, MITRE ATT&CK and D3FEND, Unified Kill Chain and OWASP Top 10.
- Basic scripting or automation skills are desirable (for example PowerShell, Bash, Python, or Ruby).
- SANS GCFA, GCFE, GCIH, or relevant DFIR certifications are desirable.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Systems Security Engineer (ISSE) driving cybersecurity initiatives in the Digital Modernization Sector. Supporting A&A efforts and ensuring security compliance with federal requirements.
Intern supporting occupational safety and health initiatives at ALTEN Mexico. Assisting in risk management and promoting safe work environments through regulatory compliance and innovation.
Senior SAP Security Specialist working with SAP Security solutions on customer projects. Responsible for workshops and leading consultancy in SAP Security environments.
Cybersecurity Engineer ensuring the security of IT & OT systems at ArianeGroup. Collaborating with internal teams and overseeing compliance and protection measures.
Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Internship for building and deploying SSE/MASE system while working closely with management at I3P, a firm specialized in electrical networks.
Installs complete fall protection systems ensuring safety compliance. Managing team and quality of work on construction sites in a hybrid role.
Technicien d'installation de dispositifs antichute supervisant l'installation et la sécurité. Participer aux visites de chantier, préparer et gérer l'installation avec une autre personne.
IT Specialist ensuring smooth IT operations in a growing beauty company. Collaborate with external service providers and support internal teams with compliance and documentation.