Detection Engineer - Cyber & Threat — Melbourne, Melbourne Region

Expired

Detection engineer required for a financial services organisation on an initial 6 month project Launch recruitment are working with a financial services organisation to support in bolstering their Threat and Detection team. Location: Melbourne Day Rate: $880 GST Core Responsibilities​ Develop and maintain cyber threat detection and hunting capabilities across the organisation; Actively research, innovate and uplift in the areas of threat detection and hunting.​ Develop and maintain attack & use case models against the environment and ​systems for the purposes of detection and monitoring use cases.​ Build and maintain continuous validation and assurance of the detection and hunting​ ​ Maximise detection visibility, coverage, and return-on-investment to maintain a ​defensible architecture across the business.​ Develop threat/attack models to depict and model detection of known attack vectors.​ Work with Threat Intelligence, Incident Response and Cyber Orchestration teams to ​prioritise and develop detection and orchestration capability.​ Work with the Red Team to actively test and validate detection capabilities.​ Experience required 5 years of experience in a CSOC, Cyber detection, Threat Hunting and/or SOAR development role. 5 years developing detections within a SIEM environment. 2 years experience using Databricks (or similar data lake). Proficiency in developing detections or code in Python and SQL. Experience working with security tools such as endpoint detection and response systems, network anomaly detection etc, Experience working with cloud and SaaS environments (AWS, Azure, M365, Entra ID, etc) and awareness of threats impacting them. Designing and implementing threat/attack modelling to derive abuse cases, detection logic and automation course of actions. Ability to think like an adversary/threat actor. Well versed in the development of detection and hunting strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration in the Financial Services sector or similar. Working in large/complex environments. Good consulting and stakeholder management, Pro-active & energetic work ethic. Participation or experience in penetration testing / red teaming exercises, including network, infrastructure and application exploitation would be a plus. Knowledge of a variety of security frameworks If you are interested in the position please do click apply or reach out to Sophie Garrison, Cyber Security Lead: sgarrisonlaunchrecruitment.com.au