Cyber Threat Detection Analyst

Canberra, Australia


Company Description

At Leidos, we deliver practical solutions to the Federal Government’s most complex IT engineering problems. And, as a Prime Systems Integrator, these are often on a scale and variety rarely seen by other organisations. Whether developing and supporting technology transformation projects for the Bureau of Meteorology, providing software applications for critical Defence missions, or improving the way the ATO supports its service delivery, our work has a direct impact on the lives of Australians, and will certainly impact on your career. 

Job Description

Leidos has been engaged by Defence to provide cutting-edge cyber capabilities in support of Australia's Defence mission. We are seeking inquisitive and delivery-focused people to ensure its success.

If you want the following as part of your next role, please get in touch: 

  • Important and engaging work 
  • Leading edge technology 
  • Excellent training and career development 
  • Generous salaries at comparable market rates 
  • Happy and focused high performing team 
  • Work with experienced peers in a well-resourced operation supporting the ADF
  • Contribute to enhancing national security 

This position as a Cyber Threat Detection Analyst is a vital component of our SOC team, playing a key role in enhancing our threat detection capabilities across our security platforms. The role will draw on your skills in identifying, analysing and responding to cyber threats in real time to protect our client's critical systems and data.

You will be at the forefront of our efforts to maintain a robust security posture, using your expertise to develop and refine detection methodologies, optimise threat hunting strategies, and support our threat intelligence initiatives.

Your proactive approach will ensure that potential vulnerabilities and emerging threats are swiftly identified and mitigated, thereby preventing security breaches and safeguarding the integrity of our clients’ information systems. 

Key Responsibilities 

  • Continuously monitor network traffic, system logs, and security alerts to detect suspicious activities and potential threats 
  • Utilise SIEM tools such as Splunk to create, optimise, and maintain detection rules and alerts
  • Analyse security events and incidents to identify trends, patterns, and anomalies that may indicate a security threat 
  • Work closely with the Threat Hunt team to develop and execute proactive threat hunting strategies to identify undetected threats within the environment 
  • Document findings and develop recommendations for improving threat detection and response capabilities 
  • Integrate threat intelligence data into detection and response processes to enhance overall security posture 
  • Stay up-to-date with the latest threat intelligence and cybersecurity trends to inform detection strategies 
  • Regularly review and refine detection methodologies and tools to ensure optimal performance 
  • Contribute to the development and maintenance of SOC playbooks and SOPs, including the development of automation and enrichment playbooks within SOAR tools 

Qualifications

About You and What You'll Bring 

Personal Characteristics 

  • Highly analytical with a strong attention to detail 
  • Proactive and self-motivated with a passion for cybersecurity 
  • Excellent problem-solving skills and the ability to think critically 
  • Strong communication skills, both written and verbal, to effectively convey complex technical information 
  • Team-orientated with the ability to collaborate effectively with colleagues and stakeholders alike 

What You Will Bring 

  • Relevant degree, qualification or certificates in Cybersecurity, Information Technology, or related field, or equivalent work experience 
  • At least 2-3 years of experience in a SOC or similar cybersecurity role 
  • Strong understanding of cybersecurity principles, threats and attack vectors 
  • Proficiency with security tools such as Splunk, Splunk SOAR, Trellix ePO and EDR applications 
  • Experience in incident response, threat hunting and threat intelligence analysis 
  • Relevant certifications (e.g., CISSP, CySA+, Splunk, BTL, GCIH) are highly desirable 
  • A commitment to continuous learning and professional development 
  • Previous experience in either Defence or Government environments is beneficial 

Additional Information

This role requires the successful applicant to be an Australian Citizen and to hold an NV-2 security clearance. If you hold an active NV-1 clearance and are able to upgrade, you will also be considered. This role can only be performed on-site in Canberra.

The successful candidate may need to meet International Traffic in Arms Regulations (ITAR) requirements applicable to this role, and your nationality may be a factor in determining your suitability for this role.    

At Leidos, we are passionate about our mission to make the world safer, healthier and more efficient. If you are too, then join us and Be the difference. 
