Cyber Security Engineer (PROJ-4304)

Technical skills required:

• (Preferred) Holds a Bachelor of Computer Science, Computer Systems Engineering or an Intelligence related discipline or equivalent qualification/work experience in either of these fields:

** Penetration Testing,

** Host and/or network Forensics, or

** Intelligence Analysis.

• At least 3 years’ experience as a Cyber Analyst / Engineer or similar role.
• Understanding and experience in the application of the Essential 8.
• Experience with network security technologies from vendors such as Palo Alto, Cisco, Sourcefire, FireEye, Blue Coat, Gigamon and Ixia.
• Experience installing and configuring COTS network security devices such as Next Generation Firewalls (NGFW), Intrusion Detection Systems (IDS), NetFlow and Network Visibility appliances. 

Essential criteria:

• F1:4 - Intrusion Detection and Analysis: Level 4 (CIISEC) Analysts: Operates as a member of an intrusion and analysis team without close supervision. Appropriate and relevant certifications include CREST Registered Intrusion Analyst.

• B1:4 - Threat Intelligence, Assessment and Threat Modelling: Level 4 (CIISEC) Analysts: Undertakes routine threat intelligence/modelling tasks or threat assessments without close supervision. Undertakes complex threat intelligence tasks or threat assessments under supervision. Appropriate and relevant certifications include CREST Registered Threat Intelligence Analyst.

• I1:4 - Research: Level 4 (CIISEC) Analysts: Builds on and refines appropriate outline ideas for the evaluation, development, demonstration and implementation of research. Contributes to research goals and funding proposals. Collects and analyses qualitative and quantitative data as required. Contributes to research plans and identifies appropriate opportunities for publication and dissemination of research findings. Makes an active contribution to research communities. Presents papers at conferences, contributes significant sections of publication-quality material, and presents reports to clients.

• DESN 4 - Systems design: Level 4 (SFIA) Engineers: Designs system components using appropriate modelling techniques following agreed architectures, design standards, patterns and methodology. Identifies and evaluates alternative design options and trade-offs. Creates multiple design views to address the concerns of the different stakeholders and to handle functional and non-functional requirements. Models, simulates or prototypes the behaviour of proposed system components to enable approval by stakeholders. Produces detailed design specifications to form the basis for the construction of systems. Reviews, verifies and improves own designs against specifications.

• SCTY 4 - Information security: Level 4 (SFIA) Engineers: Maintains operational security processes and checks that all requests for support are dealt with according to agreed procedures. Provides advice on defining access rights and the application and operation of elementary physical, procedural and technical security controls. Investigates security breaches in accordance with established procedures and recommends required actions. Provides support and checks that corrective actions are implemented.

• HSIN 4 - Systems installation and removal: Level 4 (SFIA) Engineers: Undertakes or supervises complex installations and de-installations of systems or components, including handover to the client. Develops procedures and standards for installation and handover to maintain and improve the installation service. Schedules installation work around client priorities and resource availability. Ensures adherence to established safety and quality procedures.