SIEM Specialist NV2

Australian Citizens With NV2 Clearance previous defence experience preferred.

• 5+ years experience designing, implementing and supporting centralized logging and SIEM solutions in large scale, geographically dispersed and security-hardened on-premise environments which operate in low-bandwidth and disconnected states;
• 5+ years experience designing, implementing and supporting Elastic Stack (Elasticsearch, Logstash, Kibana, Beats);
• Experience optimizing centralized logging and SIEM environments, including query optimization, performance tuning and indexing strategies;
• Experience with creating and managing SIEM rules, models and dashboards
• Experience implementing SSL / TLS, authentication and authorization in Elasticsearch, Splunk or equivalent;
• Possess a good working knowledge of the following frameworks and standards : (Australian Information Security Manual (ISM), US National Institute of Standards and Technology (NIST), Information Security Management System (ISO27001);
• Excellent knowledge and experience of the security threat landscape and related security mitigations;
• Ability to take requirements, standards and frameworks and apply in a practical application to future proposed solution designs and systems;
• Strong communication, interpersonal and negotiation skills with demonstrable experience of presentation and engagement with stakeholders, projects and business areas;
• Ability to rapidly build, automate and deliver proof of concept systems to support analysis, testing, accreditation and development activities within a DevSecOps framework;
• Ability to adapt quickly to changing requirements in a fast paced highly kinetic environment to meet changing deadlines and deliverables;
• Ability to work under broad direction with a high level of autonomy; and,
• Experience developing highly available / fault tolerant systems, networks and infrastructure in a connected, partially connected, degraded or often disconnected state.
• Experience designing, implementing and supporting automation and orchestrated deployments of Elastic Stack;
• Experience in supporting Red Hat Enterprise Linux
• Experience with vulnerability management and compliance solutions for enterprise server environments using technologies such as Tenable Nessus,
• Experience and / or knowledge in privileged access management solutions;
• Proficient in scripting languages such as Bash, Python and Powershell
• Previous experience in a Technical Architect and / or Senior Operational

#J-18808-Ljbffr