- Newly created position based in East Melbourne
- Opportunity to build a SOC - Imp experience with Nessus and Splunk is essential
- Work with one of the largest Healthcare Services providers in Australia
Reporting to the Security and Risk Manager, Information Technology your role as the Senior Security Analyst is responsible for the establishment, management and maintenance of the Vulnerability Management and Security Information Event Management solutions. The Senior Security Analyst will proactively monitor and undertake analysis of all systems and networks to identify and bring to attention vulnerabilities, breaches and potential intrusions and provide expert advice on countermeasures and contingency plans.
Your key duties will include;
- Establish, manage and maintain security tools including the Vulnerability Management and Security Information and Event Management systems.
- Undertake proactive analysis of the complete IT Infrastructure to identify, assess, manage, and escalate vulnerabilities and indicators of compromise.
- Work with technology teams to provide expert advice and to ensure data security is built into system designs and configurations.
- Draft and maintain technology security standards and procedures for the enterprise.
- Maintain currency of new and emerging security threats and provide appropriate information to information technology teams and management and carry out risk assessments.
- Use consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence, and the impact on the business.
- Refer to domain experts for guidance on specialised areas of risk, such as architecture and Environment.
- Provide advice on countermeasures and contingency plans.
- Contributes to the development and maintenance of departmental documentation, configuration management and training resources.
- Maintain an up-to-date knowledge of new technologies, systems and techniques appropriate to the industry and organisation
- Maintain expert knowledge in the functionality of systems, network and applications relevant to the business.
Essential experience to be considered for the role;
- IT security or information security experience with a proven ability to engage with Senior Management.
- Experience in administering IT security controls in an organisation.
- Demonstrated experience in implementing protective security management systems developed in accordance with standards.
- Demonstrated experience in communicating complex IT security concepts with business and technical people.
- Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
- Experience with Vulnerability Management and Security Information Event Management technologies.
- Ability to work collaboratively and effectively with multidisciplinary team members across interstate locations.
The ideal candidate will be degree qualified in Information Systems/Security, Computer Science or related field and CISSP certification as well as have excellent stakeholder engagement capabilities, strong analytical and problem solving abilities to identify and fix security risks, be adaptable and work effectively in a high pressure environment.
Previous experience in the establishment and management of a Security Operations Centre as well as knowledge and experience of IT related legislation, policies, procedures and systems within the healthcare services sector will be highly regarded.