Group Cybersecurity Threat Intelligence Lead

Our Purpose

Here at Datacom, we connect people and technology in order to solve challenges, create opportunities and discover new possibilities for the communities we live in.

About the Role

The Cybersecurity Threat Intelligence Lead is a key part of Datacom's Internal Security Group. This is an internal facing role where you will be responsible for the identification of intelligence requirements, signs of compromise and providing thorough analysis of such compromises and other threat activities/actors. You will be managing, developing and contextualizing intelligence and communicating the nature and impact of applicable security threats, risks, and vulnerabilities, and sharing and escalating threat indicators with Operations, Incident Response teams and management as appropriate.

What you’ll do

The Cybersecurity Threat Intelligence Lead is responsible for (but not limited to):

• In-depth threat intel research and analysis, to identify threat tactics, patterns and methodologies
• Evaluate, analyse, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.

• Provide subject matter expertise to the development of cyber operations specific indicators.
• Monitor operational environment and report on adversarial activities.

• Assist in the identification of intelligence gaps, intelligence collection shortfalls.
• Collaborate with intelligence Incident Response Analyst/Threat Hunters involved in related areas.

• Provide subject-matter expertise and identify opportunities to share TI with wider communities

• Make recommendations to improve security services

What you’ll bring

• Strong understanding Threat Intel Research concepts and functionality

• Security industry frameworks such as NIST 800-61r2, NZISM
• Cyber-attack methodologies and techniques such as MITRE Att&ck, Diamond Model and Lockheed Martin Cyber Kill Chain and other common cybersecurity threats

• Strong scripting languages (e.g. Python, Power Shell)

• Minimum 5 years in a similar security analyst role and security incident response and resolution handling.
• Deep technical knowledge of the cyber threat landscape including threat actors, attack types, tactics, tools and procedures, and effective counter measures
• Experience in working with security tools such as: SIEM, anti-malware, endpoint security and EDR, URL and application control, IDS/IPS, email filtering

Qualifications and Certifications

• Vendor neutral certifications (such as CompTIA Security+, CompTIA Analyst+ etc.)
• Security related vendor qualifications (such as Microsoft AZ-500, MS-500, SC-200, Splunk certifications, CrowdStrike Certifications etc.)
• SANS GDAT - GIAC Defending Advanced Threats
• SANS GCTI – GIAC Cyber Threat Intelligence

Why Datacom

We have over 6,200 people across our global offices, and generate an annual revenue of over $1.2 billion, this makes us one of Australasia’s largest professional IT services companies. We have extensive expertise in operating data centres, providing IT services, software engineering and application management, as well as payroll and customer service design and operations. With this comes a long list of significant clients Datacom is committed to hiring, developing, and promoting the best talent from a diverse range of backgrounds. We are local at heart, yet world-class in capability.

If you are keen to be part of a great team, please apply online! All applications will be treated in the strictest confidence.