Senior Cyber Advisor (PROJ-4615)

Job Duties and Responsibilities

• Provide leadership within the team, and guide and mentor less experienced employees.
• Coordinate activities and participates in the design, development, testing, implementation, documentation, support, security, maintenance or enhancement of signals intelligence systems.
• Utilise contemporary knowledge of the Information Communication Technology profession to create innovative technical solutions, to support the signals intelligence function.
• Apply an understanding of the signals intelligence function through participation in collaborative analysis activities.
• Work collaboratively with team members, promote effective teamwork and actively participate in team work and group activities.
• Build and sustain effective relationships with stakeholders, customers, co-providers and vendors to progress work and meet outcomes.
• Resolve problems using expertise, taking the initiative to identify alternative courses of action.
• Design and implement solutions to issues impacting on the signals intelligence function.
• Select resources appropriately to meet high and critical priorities whilst sustaining tasks within and across the work area. Prepare and deliver complex briefs and cyber threat intelligence reporting related to the Australian Signals Directorate and national security issues.
• Identify and undertake complex research and analysis of relevant cyber threat actors to provide situational awareness on the current and emerging threat to the Australian Signals Directorate.
• Analyse identified cyber threat event data and fuse with all-source intelligence in order to identify, model, and track threat actors targeting the Australian Signals Directorate, and recommend any required actions.
• Understand and use analytical tools and techniques to develop cyber threat activity-related assessments.
• Build and maintain standard operating procedures and other supporting documentation pertaining to cyber threat intelligence operations.
• Build and sustain strong interactive relationships and negotiate with customers and key stakeholders to deliver tailored intelligence reporting.
• Build and sustain effective working relationships with team members and actively lead in team work and group activities.
• Resolve problems using expertise, taking the initiative to identify and recommend alternative courses of action.
• Accountable for accurate and timely completion of work, sharing own expertise with others and guiding and mentoring less experienced employees.

Essential criteria

• Experience in identifying, analysing and responding to cyber security threats using tools such as a security information and event management (SIEM) solution, Intrusion Detection Systems (IDS) and Network Security Monitoring (NSM) tools.
• Experience in developing and tuning detection rules to identify anomalous network behaviour based on attacker tactics, techniques and procedures (TTPs).
• Strong knowledge of network protocols, firewalls, VPNs and system hardening techniques to protect infrastructure.
• A proven ability to work as a member of a dispersed team and support productive working relationships by working cohesively and flexibly with customers as well as the broader project team.
• Provide expert advice and guidance when developing solutions to address future goals and deliverables.
• Provide knowledge transfer and guidance to other team members. All records to be recorded in the team Confluence space.

Desirable criteria

• Demonstrate administrative skills, including time management and oral and written communication skills; and demonstrated ability to effectively prioritise and allocate tasks.
• Experience in a Security Operations Centre (SOC) including security monitoring and incident response.
• Experience in Security architecture management.