Information Security Analyst
|Job Title:||Information Security Analyst|
|Job Published:||February 13, 2019 09:20|
FinXL IT Professional Services is an established innovative Australian company providing technology enabled business solutions and consulting services across a number of industries including Telecommunications, Commercial, Government and Finance.
Our client, one of Australia's largest in Telecom Industry is looking for an experienced Information Security Analyst working with one of Australia’s large bank.
This is an initial 5 months contract with a possibility for extension.
Immediate Start! Competitive rate to offer!!
Roles & Responsibilities:
- Identify threats and vulnerabilities related to the Banks information assets in order to quantify risks to the Bank.
- Protect the Bank’s information assets against identified risks by developing, implementing and maintaining robust security policies, frameworks and capabilities.
- Detect threats and anomalies by monitoring, investigating and researching alerts and intelligence to trigger the response process.
- Respond to and triage security events to contain and mitigate threats to minimise the impact to the Banks information assets.
- Manage incidents to return assets to service, perform post incident reviews and implement lessons learned to improve our security posture and maturity.
- Perform on-call duties on a rostered basis.
- Interact and coordinate with vendors, suppliers, distributors and contract consultants.
- Perform 3rd tier Information Security support for internal customers.
- Stay up to date on current threats, trends and technologies by attending training, conferences and digesting podcasts, blogs and other sources of security intelligence and information.
- Other tasks seen as appropriate by Manager, Security Operations
- Support development and implementation of the Banks Information Security Framework and Information Security Policy.
- Develop and Lead Information Security assurance activities in line with the Information Security Framework, Information Security Policy and compliance objectives.
- Undertake line 1 risk and assurance activities ensuring compliance objectives are understood and reported on.
- Adhere to the Bank’s internal and external compliance requirements.
- Perform compliance and security assessments when required to assist the business in understanding and meeting their compliance objectives.
The ideal candidate will possess the following:
At least one of Formal Qualifications / Accreditation:
- Appropriate tertiary qualifications at a Degree level or higher in Information Technology, Engineering or Computer Science.
- Relevant and current advanced certifications (CCNP, ECEH, CISSP etc.) or equivalent experience in Information Security.
- Ability to innovate and understand new technologies.
- Ability to coach the security incident response lifecycle.
- Experience working with IP networking, networking protocols and security related technologies.
- Strong communication skills, including the ability to write procedural, process and reporting documentation.
- Show initiative and the ability to work with minimal supervision.
- Exceptional time management skills and demonstrated ability to prioritise job queues.
- Always act with integrity.
- Demonstrated customer service skills.
- Ability to present ideas, concepts and information to groups at various levels, such as frontline staff, technical SME’s and Senior Executives.
Knowledge / Experience:
- Demonstrated Security Analyst experience with at least two years’ experience in a similar role. Demonstrated experience in security principles and techniques of IT security related technologies (e.g. Antivirus, endpoint protection, data encryption, PKI, HSM, DLP/IDS, etc.).
- Experience with information security and compliance frameworks, such as PCI-DSS, NIST, and ISO/IEC 27000 series.
- Knowledge of risk management frameworks.
- Knowledge of vulnerability and security assessment methodologies.
- Knowledge of current threat landscape and industry standard mitigations of these risks.
- Experience working with Windows and Linux or UNIX based systems.
- Experience working with virtual networks and environments.
- Experience of security monitoring and logging technologies, such as Splunk.
- Experience with vulnerability management technologies, such as Tenable or Qualys.
- Experience in project management, as a technical lead or similar.
- Knowledge of cloud security concepts.
- Knowledge of DevSecOps and Agile development methodology.
- Experience scoping penetration testing.
- Knowledge of security assessment methodologies.
In additional you will be a self-starter and be available almost immediately.
For further information or to send in your CV directly, contact Venkata Bakka at firstname.lastname@example.org.