Cyber Security Analyst

Company Description

Nine. Australia’s Media Company.

Underpinned by our people, our strategic focus is on content, connections and growth. 

Driven by our purpose - Australia belongs here - and guided by our values - walk the talk, turn over every stone, keep it human - we are the home of Australia’s most loved content  and trusted brands across News, Sport, and Entertainment. 

We lead the total television market in Australia through our key brands of Channel 9, Gem, Go, Rush and Life, and of course you can consume all our content, live or on-demand, on Australia’s leading free streaming platform, 9Now. We also own Stan, the market leading local subscription streaming service.

Our total publishing business covers The Sydney Morning Herald, The Age, The Australian Financial Review, to the breadth of nine.com.au and The Pedestrian Group. 

In our total audio business we are building talk radio for the next generation across  2GB, 3AW, 4BC and 6PR. 

Nine is also an active participant in Australian consumer marketplaces through our majority shareholding in Domain and our ownership of Drive.

Job Description

At Nine SOC, our mission is “Stopping Breaches”, we try to be concise about this as statements like “0 cyber security incidents” or “defend against all attacks” are misleading and superfluous. This is our highest priority and every capability that we develop and are responsible for would somehow contribute to this mission. We deal with successful and failed intrusions, insider error or malice, nation backed or financially motivated campaigns on a daily basis. The reality is that security weaknesses exist in every organisation and that circumstances causing these could be beyond our control, however, we are laser focused on doing everything we can to detect, contain and (help the business to) recover from these attacks. We leverage automation, open and closed source data at our disposal to detect and proactively develop actionable intelligence to help the business prioritise risks and mitigations against imminent threats.

The Cyber Security Analyst will be a part of the security operations team (SOC) aspiring to detect, hunt and respond to cyber security threats to Nine. This role will be a great fit for a blue teamer with understanding and interest in red team tactics and techniques, someone with an analyst mindset who wants to be actively involved in threat hunting, threat intelligence management and investigations using automation, data analysis and curiosity.

This is a hands-on role in a flexible working environment in a small but high functioning and diverse team.  The role  involves detection engineering, incident response, threat hunting and will be interacting with a broad set of business units. Hence, communication skills, problem solving and day to day learning are a big part of it. There is opportunity for involvement in a wide variety of cyber transformational work, training and upskilling.

Key accountabilities for this role:

• Investigation and analysis of alerts, advisories and incidents
• Attack surface mapping, critical vulnerability triage and impact analysis
• Curation, enrichment and correlation of indicators, creating actionable intel and managing their lifecycle
• Detection engineering, development and improvement of detection signature base across the SOC toolset
• Data and attack based threat hunting
• Reporting on threat intel, metrics and publishing internal advisories 
• Automation of investigation, incident response and threat intel workflows
• Security Operations tooling management, configuration and operations
• Rotational on call roster

Qualifications

ESSENTIAL

• Practical and flexible security mindset
• 2+ years of experience in Cyber Security
• Experience at working both independently and in a team-oriented, collaborative environment is essential.
• Deeply analytical lateral thinker with the ability to make business decisions through robust use of data; 
• SIEM platform management and use case development
• Technical report writing 
• Client service and management experience 
• Scripting, automation and basic networking knowledge
• Web application vulnerability assessment experience
• Excellent english and communication skills with the ability to engage at both technical and management levels.

DESIRABLE

• Programming experience
• Experience with network protection and EDR solutions
• Degree in  Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management
• Industry certification desirable (e.g. OSCP, Security+, GSEC)

Additional Information

Life at Nine.

Nine is Australia’s largest locally owned media company – the home of Australia’s most trusted and loved brands spanning News, Sport, Lifestyle, and Entertainment. We pride ourselves on creating the best content, accessed by consumers when and how they want – across Publishing, Broadcasting and Digital.

Nine’s assets include the 9Network, major mastheads such as The Sydney Morning Herald, The Age and The Australian Financial Review, radio stations 2GB, 3AW, 4BC and 6PR, digital properties such as nine.com.au, 9Now, 9Honey, Pedestrian.TV, Drive, subscription video platform Stan and a majority investment in Domain Group.

Nine is a people business. Being part of the team means you’ll be in a culture that promotes creativity and innovation, diversity and inclusion, is open to feedback, rewards impact and ensures everyone is heard. You’ll also receive:

• Career development and quality training
• Up to 16 weeks paid primary carer’s parental leave
• Discounts on lifestyle, entertainment, and leisure memberships, including health insurance, dental and gym
• Access to Future Women – a movement to help women connect, learn and lead through unique content and events.
• Hybrid Working/Flexible working
• Discounts on products and services with corporate partners 

Our Commitment to Diversity and Inclusion:

At Nine, we are committed to fostering a workforce that embraces all aspects of diversity and inclusion and where practices are equitable to ensure our people experience a sense of belonging. From day one, you'll be encouraged to bring your whole self to work and will be supported to perform at your best. Should you require any adjustments to the recruitment process in order to equitably participate, we encourage you to advise us at the time of application.

We encourage applications from Aboriginal and Torres Strait Islander people, people with disabilities, and of all ages, nationalities, backgrounds and cultures.

Nine’s Workplace Condition of Entry:

Nine is committed to maintaining a safe and healthy workplace and doing what is reasonably practical to protect our people, including visitors to all Nine sites and events. 

Nine has introduced a Workplace Condition of Entry – COVID 19 Policy that requires all workplace attendees and participants to be fully vaccinated against COVID-19 before entering a Nine workplace (unless you have a valid medical exemption).  You will be asked to declare your vaccination status as part of the application process and provide evidence of this. This information will be treated in accordance with our Privacy Policy.

Disclaimer: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes

#LI-Hybrid