Cyber Analyst

The role of Analyst, Cyber Response (Level 2) is designed to execute cyber-security incident detection and response functions within Security Services. The position requires good technical skills and experience in incident detection and response.

In the Cyber Analyst role, you will

• Respond to cyber-security threats, vulnerabilities, events and incidents
• Act as technical contributor during major security incidents
• Contribute to improvement in the team’s capability, including:
• Operational maturity, including processes/methodologies, playbooks, automation, efficiency, quality
• Detection strategies, including attack models, use cases, tuning, R&D
• Mitigation strategies, including proactive planning, new controls, optimising existing controls
• Meet team operational metrics
• Maintain an up-to-date knowledge of cyber threats
• Drive continuous learning and knowledge sharing within the team
• As required, support internal stakeholders and projects
• Work in a ‘business hours + rostered on-call’ environment
• Other related activities as required by Management or Cyber Response Leads.
  

What You Will Bring

Understanding and experience with:

• Incident response methodologies and techniques
• Detection and mitigation strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration
• Common cloud platforms/technologies including but not limited to cloud IaaS and SaaS platforms, such as Azure, AWS and Google cloud with AWS/M365/Azure experience highly desirable
• Knowledge of Container Orchestration services such as AWS EKS, Azure AKS along with associated tools (e.g., Docker, Kubernetes)
• Common enterprise technologies, such as Windows, Linux, Active Directory, M365, Microsoft Entra ID, DNS, DHCP, web proxies, SMTP, TCP/IP
• Malware analysis and reverse engineering, including dynamic and static analysis
• Operational usage of common analysis and response tooling, including Splunk, Crowdstrike, Microsoft Defender, FireEye, Akamai, etc
• The Lockheed Martin Cyber Kill Chain™ or similar methodologies
  
  

Essential Non-technical Skills

• Demonstrated ability to stay calm and lead under pressure
• Experience working in a CSOC / CIRT performing level 1, 2 support
• Experience in a complex enterprise environment
• Demonstrated willingness to engage in self-learning or security research outside of standard business hours
• Good analytical, problem solving and lateral thinking skills
• Good verbal and written communication skills
• Good time management and prioritisation skills
• Basic consulting and stakeholder management.
  
  

A diverse and inclusive workplace works better for everyone

We know that our people make us who we are. That's why we have built a culture of equity and respect - where everyone feels valued and appreciated for being their authentic selves. In partnership with our multiple Employee Resource Groups (ERGs) we continue to foster an inclusive environment, where all NAB colleagues’ unique backgrounds and identities are understood, respected and celebrated. We are committed to providing an environment where you can work your way.

For details on the recruitment process, and accessibility, please visit www.nab.com.au/about-us/careers/apply-for-job. To discuss adjustment requirements, please contact the NAB Careers team, via [email protected] (please reference job number) or visit our Careers page through the link above for other contact options.

Join NAB

If you think this role is the right fit for you, we would love to hear from you. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert. Unsolicited CVs from agencies will not be accepted.