As a leading specialist fibre and network solutions provider, Vocus connects people, businesses, governments, and communities across Australia and New Zealand, to the world. With a world-class team of experts, we challenge convention and do things dMore...
ANZ has a proud heritage of more than 180 years. Our purpose is to shape a world where people and communities thrive. That is why we strive to create a balanced, sustainable economy in which everyone can take part and build a better life. We employMore...
In this role you will be responsible for monitoring and detecting security incidents while continuously helping new releases become more secure by authoring policy-as-code checks in their CI/CD processes.
Security Analyst Purpose
You will be charged with:
• Monitoring cloud platforms for security alerts
• Triaging, identifying and managing security incidents that come from different cloud security controls
• Helping new initiatives design and architect their platforms to be compatible with cloud security controls using best cloud practices
• Helping devops app teams achieve security operations compliance in their build pipeline by authoring policy-as-code checks and other tooling as required
Is this role for you?
Consider the following questions:
• Do you thrive on solving complex problems using strong analytical, consulting and design thinking skills?
• Can you think in terms of the big and small picture when creating a solution that is compatible with our immediate needs while suiting the strategic direction of the organisation?
• Are you a team player who is able to work effectively with others across all levels of the organisation and influence others to move towards an agreed approach?
• Can you balance the needs of different stakeholders with varying levels of technical ability and bring them on your vision?
• Can you work under pressure whilst being attentive to detail when working on a security incident?
• If you answered yes to all or most of these questions, you could be a great candidate for this role
What’s in your toolkit?
• You are a highly experienced security analyst with a strong technical background.
• You have significant experience in either AWS, GCP or Kubernetes environments (& SaaS e.g. Salesforce). GCP is preferred.
• You understand how a 'modern' DevOps team operates and know how advocate for security in this environment.
• You are able to understand developers and when needed, create tools to fill security gaps in their workflow.
• You have strong technical understanding/experience in understanding what monitoring a SOC needs for cloud and SaaS environments
• You understand architectural configurations that would be required to enable SOC to monitor and protect cloud environments
• You have experience or understanding of how to perform SOC monitoring, triage and response to cyber security incidents within these cloud environments.
• You have experience writing SOC cloud monitoring policy as code.
A Day in the Life … Everyday will be different but some of the key things you will do are:
• Review security alerts generated by monitoring systems
• Tune alerts in security monitoring systems that are generating too many false positives
• Read security policy to author checks for use in CI/CD pipelines - allowing projects to automatically comply with security policy via their build and integration process
• Provide advice to initiatives on integrating with security operations from an architectural standpoint
• Interpret security policy to write CI/CD checks in order to help workloads become more compliant with security policy
• Assess security incidents and determine their severity and whether they are false positives
• Assess whether projects are integrating with security in an effective way that satisfies all stakeholders
Our purpose is to shape a world where people and communities thrive. That's why we strive to create balanced, sustainable economy in which everyone can take part and build a better life. By helping people make the most of what they have, we transform ideas, hard work and ambition into reality.
Career development means different things to different people. It may simply mean developing a skill, broadening your experience by moving sideways or stretching yourself by moving to a different business. How you manage and develop your career is up to you, but ANZ is committed to helping you do this by providing you with the support, tools and resources you need.
ANZ recognises the value of an inclusive and diverse work environment. We take pride in the diversity of our people and encourage applications from diverse candidates. Our recruitment decisions are based on the key inherent needs and requirements of each role, and candidates are selected based on their unique strengths and characteristics.
We work flexibly at ANZ. Talk to us and let us know how this role can be flexible for you
Don’t provide your bank or credit card details when applying for jobs. Learn how to protect yourself here.
Post your task and get experts help on: