FinXL IT Professional Services is an established innovative Australian company providing technology enabled business solutions and consulting services across a number of industries including Telecommunications, Commercial, Government and Finance.

The role:

The Cyber Analyst role is a highly skilled technical subject matter expert (SME) role with responsibility for using security systems and toolsets to further develop use cases to protect logical and physical assets.

You will need a strong knowledge of data networking and an ability to quickly understand platform and related network technologies. This role also requires an ability to deal with highly sensitive information discretely and securely.

A deep understanding of the current threat landscape, its actors, and methods of identifying tactics, techniques and procedures is an underlying requirement of this role.

Core responsibilities:

• Working with Splunk Engineers, Subject Matter Experts and Business Analysts to determine applicable TTPs for applications.
• Map identified threats to best practice exploitation frameworks which includes, but not limited to, Advanced Persistent Threat analysis.
• Development of SIEM detections / alerts and rules.
• Provision of SME Consulting on the operational security policy, processes, and procedures.
• Conduct assurance activities on detections and platforms.
• Work with Splunk Engineers to identify and validate logs required to support the identified use cases for on-boarding to Splunk.
• Develop use cases based on the identified threats and logs.
• Perform other Cyber Analyst related activities as deemed necessary for the project.

Knowledge and experience required:

• 2+ years of Operational Cyber Security experience.
• Excellent knowledge of using Splunk Enterprise Security (Splunk ES).
• Solid understanding of current and recent (1yrs) of tactics techniques and procedures for common attack types.
• Strong knowledge of networking technologies and related threat detection technologies.
• Experience in use case development using Splunk ES.
• Experience conducting assurance activities on detections and platforms.
• Experience in the telecommunications or security/intelligence industry.
• Industry qualifications from recognised training providers.

We are looking for highly motivated, committed individuals with strong communications skills. If you fit the above profile then please apply now.

Please note that due to the volume of expected applications, only shortlisted individuals will be contacted