Cyber Security Analyst - Digital Forensics

Robert Half, Sydney

The Role

The DFIR Specialist, a key member of the Cyber Security Incident Response Team (CSIRT), is responsible for safeguarding the confidentiality, integrity, and availability of personal information and company assets in alignment with corporate policies and standards.

Working closely with the Security Operations Center (SOC), the CSIRT oversees operational procedures and risk mitigation strategies for both physical and digital environments.

Hybrid working - 3 days in office, 2 days WFH.

Responsibilities
  • Monitor, detect, and respond promptly to information security threats.
  • Lead and support investigations into security incidents, including data breaches, malware infections, insider threats, and advanced persistent threats (APTs).
  • Conduct triage, containment, and remediation of cybersecurity incidents.
  • Perform root cause analysis and generate incident reports with actionable recommendations.
  • Collect, preserve, and analyze digital evidence from endpoints, networks, and cloud environments.
  • Conduct memory forensics, disk forensics, and network packet analysis.
  • Identify indicators of compromise (IOCs) and assess threat actors' tactics, techniques, and procedures (TTPs).
  • Utilize SIEM, EDR, and threat intelligence platforms for incident detection and response.
  • Collaborate with internal and external stakeholders to align security measures with business objectives and advise on mitigation strategies during incident response.
  • Work closely with the Security Operations Center (SOC) to assess alerts and determine appropriate actions.
Technical Skills required
  • Strong familiarity with IT Risk and Cyber Security practices
  • One or more of the following certifications: ISO 27001, CompTIA Security+, SANS GCFA, GNFA, GCIH, CHFI, CEH, SSCP, CISSP, CSSLP, CISA, CISM
  • Minimum of 2-4 years' experience working within a CSIRT environment
  • Knowledge of common CSIRT technologies (e.g., EDR, SIEM, SOAR)
  • Knowledge of incident response in IaaS/PaaS environments (AWS, Azure, GCP)
  • Familiarity with scripting languages (Python, PowerShell, Bash) for analysis and automation
  • Proficiency with forensic tools (e.g., EnCase, FTK, Volatility, Wireshark, Splunk)
  • Australian Citizens only (Must have NV1 or be eligible for NV1 clearance)

Apply Today

Please send your resume by clicking on the apply button.

Learn more about our Sydney recruitment services: http://www.roberthalf.com.au/recruitment-agency-sydney

By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: https://www.roberthalf.com/au/en/privacy. Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.
