3 minute read
JOB BOARD
SECURITY ANALYST (WATCHER) | THE MISSING LINK
Desirables
• You are naturally curious and a self-starter. Tell us about how you build Cyber Ranges in your own time, or your latest research project.
• You have experience with Internal Investigations and/ or Insider Threat Management.
• You have worked with custom applications and log formats in a TDIR context.
• You listen to and follow podcasts and bloggers like Darknet Diaries, Recorded Future, @IT_SecGuru or @TheHackerNews. Tell us what r/ threads you’re currently tracking.
• You have exposure to Vulnerability Assessments or Penetration Testing professionally or through your own personal research. If you’ve started a CEH or OSCP certification, even better!
• Show us how you automate using PowerShell and Python.
INFOSEC ANALYST | SAGO
About The Role
• Establish relationships with new and existing third parties (e.g., contractors, vendors, service providers).
• Relay current Information Security requirements to third parties and inform internal stakeholders when requirements are not met.
• Manage and update Information Security questionnaires.
• Maintain list of approved contractors, vendors, or service providers.
• Modify and retain relevant legal, financial, and security documents (e.g. NDA, Security Questionnaires, Invoices, Purchase Orders).
• Regularly audit third party security risk.
• Where possible, negotiate contracts with third parties for optimal pricing.
• Periodically assess performance of vendors and make recommendations to stakeholders when organizational needs are not met.
• Manage third party onboarding and work with internal stakeholders to make relevant updates when necessary.
• Route supplies to appropriate locations, departments, or users.
• You have COMPLETED, not started, certifications such as CompTIA Network+ and Security+ as well as core networking such as Cisco CCNA or CCNP.”
Essential
• 3+ years of experience working with systems, networking and security technologies, with at least 2 years working as a Security Analyst or equivalent role
• Hands-on security knowledge of Windows/Linux/Unix platforms
• Hands-on experience with one or more SIEM/EDR/VM systems and can demonstrate end to end knowledge of the TDIR Methodology
• In-depth knowledge of the MITRE ATT&CK Framework
• A demonstrated knowledge of IT security controls, OSI Model and TCP IP Stack
Apply Here
• Manage third party payments and billing.
• Assist team members in implementing best security practices across the organization as needed.
• Perform Information Security document reviews.
• Aid in the monitoring and testing security mechanisms as needed.
• Proficient in Word, Office, MS experience, Windows Operating Experience.
Requirements
• Bachelor’s degree in Business Management, Business Administration, Supply Chain Management or equivalent.
• Excellent oral and written communication skills.
• Ability to organize, multitask and manage time effectively.
• Strong research, analysis and negotiation skills.
• Good communication and interpersonal skills.
• Ability to effectively manage multiple projects at once.
Apply Here
IT AUDIT MANAGER | TROOCOO
About This Role
As the IT Audit Manager you will work as the 2ic to the Head of IT Audit. This is a new role created due to investment within the Risk function and the need to add an SME in Cyber and Technology Risk. This role will work across multiple projects across Cyber, Digital, Cloud transformation and technology uplift programmes.
You will play a key role in the design and operations of Technology Audits, taking ownership for the end to end delivery of audits working with multiple business and risk stakeholders.
You will take ownership for IT Audits, manage the strategy and delivery of said audits whilst working closely with the business to ensure all risk is highlighted and mitigated accordingly. You will also plan and manage resources to ensure deadlines are met.
QUALIFICATIONS/WORK EXPERIENCE
• Five years’ experience across the IT audit, It Governance, Assurance and technology risk domain
SYSTEMS ENGINEER |
About The Role
Leidos Australia have opportunities for System Engineers to join our team based in Canberra and provide support to a large Federal Government program. As part of our team you will be responsible for all system engineering aspects of the product baseline and structures for multiple delivered subsystems and assist in the smooth transition of new capability into service.
The ideal person will have an in-depth understanding of the systems engineering lifecycle applied to complex mechanical/electrical systems, an understanding of configuration management and the ability to troubleshoot, identify faults and rectify.
QUALIFICATIONS/WORK EXPERIENCE
• Understanding of the ITIL framework
• Involvement in detailed design and equipment acquisition of complex systems
• Minimum three years’ experience working across IT Audit, Risk or Compliance programmes
• Three years’ experience within the financial services domain, preferably banking.
• Work across a range of regulatory requirements, hands on knowledge of security management is highly desirable, specifically CPS234
• Proven experience in risk and control identification, assessment, tracking and remediation
• Strong background in risk management and prioritisation within Risk and Control Taxonomy
• Good knowledge of IT control implementations and ability to control and mitigate risk
• Proven ability in risk and control identification, tracking and remediation
• Certifications across would be highly beneficial CISSP, CISM, CISA, CRISC
• IT governance framework knowledge such as ISO27k, NIST CSF, CIS, ITIL v3 and COBIT
Apply Here
• Demonstrated experience developing engineering artefacts (Application for Deviation, Engineering Change Proposals (ECPs) and engineering investigation reports);
• Strong interpersonal, communication and technical writing skills
• 2-3 years’ experience in one or more of the following;
• Windows (Windows Server 2008, 2012 & 2016, Exchange 2010 & 2016, Active Directory, DNS, DHCP & DFS, Enterprise level backup products)
• Networking (NSX, Cisco, Palo Alto)
• VMWare, or vROPS, vShpere, Horizon, vRealize
• Linux (Red Hat Satellite Tower, Ubuntu)
APPLY HERE
