Analyst - Security Operations Centre

Quezon City, PH

ANZ Banking Group Limited

ANZ offers a range of personal banking services such as internet banking, bank accounts, credit cards, home loans, personal loans, travel and international, investment and insurance. Learn about easy and secure ways to manage your money.


 

At ANZ we're applying new ways technology and data can be harnessed as we work towards a common goal: to improve the financial wellbeing and sustainability of our millions of customers.  

 

Banking is changing, giving our people fascinating challenges to solve - helping them build their skills, while they build the ANZ of the future. 

 

About the Role

 

As an Analyst in our Security Operations Centre (SOC), you’ll play a key role in helping to identify and respond to Computer Security Incidents which have been identified within the ANZ environment. This role requires the individual to work as part of the Global Security Operations Centre and to action a series of steps to perform initial assessment or, where necessary, develop new steps and escalate these incidents for resolution and remediation.

 

This role will provide experienced and educated subject matter expertise on the response to and handling of security incidents, mentoring other IT Security Analysts (Level 1). The incumbent will support the infrastructure and availability of the ArcSight SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event sources are logging appropriately. It is expected that the individual in this role will also actively research and develop new ways of being able to detect incidents and be aware of the general Internet security posture. Lastly, the role requires that the individual work across rotating shifts to support delivery of a 24x7 service.

 

If reinventing the wheel is in your wheelhouse, you've found the right place.

 

Role Location: MDC 100 Building, Eastwood, Libis, Quezon City

Role Type: Permanent, Full-time

Shift Schedule: Must be willing to work on 24x7 shifting schedule

 

What will your day look like?

 

As an Analyst, you will also be responsible for the following:

 

  • Manage operational costs to achieve agreed financial targets for the Computer Security Incident Response Team (CSIRT) function.
  • Actively monitor and protect ANZ's environment.
  • Ensure ANZ staff are satisfied with the security services provided by the Security Operations Centre (Level 1) function.
  • Provide subject matter expertise to investigate and respond to security incidents and actively protect the environment.
  • Mentor other members of the Security Operations Centre (Level 1) team.
  • Conduct continuous improvement initiatives to uplift and mature the Security Operations Centre (Level 1) function.
  • Handle computer security related incidents occurring at ANZ, with specific focus on incidents originating from within the ANZ network and impacting or threatening other ANZ internal systems, or threats which are identified outside of the ANZ environment and specifically targeting ANZ.
  • Identify and propose amendments to any playbook work instructions or processes which need to be amended for optimisation or regulatory requirements.
  • Develop and maintain, on an ongoing basis, rulesets in the various security toolsets operating within ANZ.
  • Support the infrastructure and availability of the ArcSight SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event sources are logging appropriately.
  • Participate in cross-training skills & ensure no critical/key person risks with regards to responding to security incidents, following in-house security incident response procedures or operating any of the security toolsets that are used within the GSOC.
  • Contribute to the professional capability and skilling of the team.

 

What will you bring?

 

To grow and be successful in this role, you will ideally bring the following:

 

  • Knowledge of technical security controls and technology risk management (e.g. ITIL, ISO27001).
  • Thorough understanding of security technologies which are deployed in large ‘Tier 1’ organisations
  • Demonstrated experience supporting critical infrastructure running on Unix and Windows.
  • Knowledge of industry security standards and security threats
  • Detailed security knowledge including technologies such as Malware, Network Intrusion Prevention, Security Information Event Management systems.
  • Experience with relational database systems and health monitoring

 

You’re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we’d love to hear from you.

 

So why join us?

 

ANZ provides banking and financial services and operates across more than 30 markets. We are among the top 4 banks in Australia, the largest banking group in New Zealand and Pacific, and among the top 50 banks in the world. With more than 2,000 people, our team in Manila plays a critical role in executing our strategy and delivering what matters most to our customers and the bank. We continue to grow our professional services capabilities to support our customers around the world. Our expertise and services make us a bank, and our people, purpose, and culture make us ANZ. We’re proud of the inclusive culture we’re renowned for where 90% of our people feel they belong.

 

We provide our people with a range of benefits including access to health and wellbeing services.  We also have flexible working options so that our people can “make work, work for them”.

 

We welcome applications from everyone and encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability, let us know how we can provide you with additional support.

 

To find out more about working at ANZ visit https://www.anz.com/careers/. You can apply for this role by visiting ANZ Careers and searching for reference number 64611.

 

Posting will end on 17 May 2024


Tags: ArcSight Banking CSIRT Incident response Intrusion prevention ISO 27001 ITIL Malware Monitoring RDBMS Risk management SIEM SOC Strategy UNIX Windows

Perks/benefits: Flex hours Health care

Region: Asia/Pacific
Country: Philippines