<table width="680"><tbody><tr><td width="552"><p><strong><span style="text-decoration: underline;">THE COMPANY </span></strong></p><p> </p><p>This large and well-known organisation employs more than 70,000 staff in 100+ countries around the globe.</p><p> </p><p>They are a creative and innovative business that are expanding their Cyber Security capabilities in Australia by establishing a new DFIR function in the region.</p><p> </p><p>What's on offer:</p><p>· Join a newly established CSIRT team in Sydney. </p><p>· Ongoing training by dedicated cyber trainers.</p><p>· Flexible hybrid working options.</p><p>· Collaborate with a tenured team of passionate IR and DF professionals. </p><p>· Involvement in interesting projects across cloud security & Cloud IR, SOAR playbook development, IR framework improvement</p><p> </p><p> </p><p><strong><span style="text-decoration: underline;">THE ROLE & RESPONSIBILITIES </span></strong></p><p> </p><p>Newly created Digital Forensics & Incident Response (DFIR) Specialist position to build out capability in the APAC region.</p><p> </p><p>The role focuses on incident investigation & response, digital forensics, and uplift/automation. </p><p> </p><p>You will work alongside various global teams (SOC, Threat Intelligence, CSIRT etc) operating in a follow-the-sun model.</p><p> </p><p><strong>Key elements include:</strong></p><ul><li>Monitor, detect, and respond to InfoSec threats</li><li>Lead & support security incident investigations - data breaches, malware infections, insider threats, APT's etc.</li><li>Triage, contain and remediate cybersecurity incidents and threats.</li><li>Root cause analysis and develop IR reports with actionable recommendations.</li><li>Collect, preserve, and analyse evidence from endpoints, networks, and cloud environments.</li><li>Undertake memory forensics, disk forensics, and network packet analysis.</li><li>Identify IOC's and TTP's used by threat actors.</li><li>Work with SIEM, EDR and threat intelligence tools.</li><li>Continuously identify improvements to Incident Management and Incident Response processes.</li><li>Research and investigate new and emerging threats.</li><li>Integrate information from disparate sources and create tactical intelligence to better protect organisational assets.</li><li>Collaborate and communicate with various internal teams including SOC, IT teams, Internal Audit, Legal, and various business stakeholders.</li><li>Work alongside a local and global teams in a 'follow-the-sun' model.</li></ul><p> </p><p> </p><p><strong><span style="text-decoration: underline;">REQUIRED EXPERIENCE / BACKGROUND / KNOWLEDGE </span></strong></p><p> </p><p>Suitable for a Senior SOC or CSIRT Analyst with proven experience responding to multi-level cyber incidents in enterprise environments.</p><p> </p><p>Ideal for someone with a digital forensics background who can confidently communicate and 'see the big picture'.</p><p> </p><p><strong>The following is required: </strong></p><ul><li>Proven Cyber Security Incident Response experience.</li><li>Background in digital forensics.</li><li>Experience using SIEM, EDR, and digital forensics tools.</li><li>Threat hunting skills and ability to create queries to detect incidents.</li><li>Ability to translate orchestration design documents into SOAR playbooks. </li><li>Scripting experience is beneficial - e.g. Python, PowerShell, etc</li><li>Cloud security knowledge is beneficial - including techniques to secure cloud environments & cloud Incident Response.</li><li>Background inside enterprise environments, preferably with globally dispersed teams.</li><li>Strong attention to detail, problem-solving & analytical skills</li><li>Clear & confident communication & stakeholder management abilities.</li><li><strong><span style="text-decoration: underline;">Australian Citizenship and ability to obtain NV1 clearance is essential.</span></strong></li></ul><p> </p><p> </p><p> </p><p><strong><em>This is a full-time permanent</em></strong><strong><em> role with hybrid working offering circa $140,000 - $150,000 (plus super) - depending on experience. </em></strong></p><p><strong> </strong></p><p><strong><em> </em></strong></p><p><strong><em>Note: Australian Citizenship and ability to obtain NV1 clearance is essential for this position and successful applicants will be contacted. </em></strong></p><p> </p><p> </p><p> </p><p><strong>This is a </strong>hybrid <strong>position.</strong></p></td></tr></tbody></table><p><em>By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: <a href="https://www.roberthalf.com/au/en/privacy" target="_blank">https://www.roberthalf.com/au/en/privacy.</a> Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.</em></p><img src="https://counter.adcourier.com/am9zaHVhLmJ1cmtlLjMzNDI3LjEwNjc1QHJoaWF1cy5hcGxpdHJhay5jb20.gif">
<table width="680"><tbody><tr><td width="507"><p><strong><span style="text-decoration: underline;">THE COMPANY</span></strong></p><p>An International NYSE listed marketing company expanding their Cyber Security team in APAC.</p><p> </p><p><strong>Benefits:</strong></p><ul><li>Join a new team within an established environment (DFIR)</li><li>Hybrid working- 3 days in office, 2 days WFH</li><li>Focus on uplift and automation</li></ul><p> </p><p><strong><span style="text-decoration: underline;">THE ROLE</span></strong></p><p>This is a specialist role focused on Cyber Incident Response and Digital Forensics across the entire global business.</p><p> </p><p>You will be directly responsible for responding to and containing cyber incidents as well as post-incident reviews to understand and determine IOC's and TTP's to better inform and craft remediation and learning activities.</p><p> </p><p>This is a specialist role working as part of a wider global SOC who operate in a follow-the-sun model.</p><p> </p><p><strong>Responsibilities:</strong></p><ul><li>Respond to sophisticated cyber incidents across the global network.</li><li>Collect, preserve and analyse digital evidence.</li><li>Conduct root cause analysis to understand events.</li><li>Enact incident containment measures and actionable recommendations.</li><li>Implement greater automation and improvement across IR frameworks, SOAR playbooks, cloud IR etc. </li><li>Mon-Fri - normal business working hours</li></ul><p> </p><p><strong><span style="text-decoration: underline;">YOUR PROFILE</span></strong></p><p>Ideal for a SOC/ CSIRT Analyst with Incident Response and Digital Forensics experience.</p><p> </p><p>Will suit someone looking to enhance their specialisation in DFIR, working on sophisticated events in a global organisation.</p><p> </p><p><strong>Required:</strong></p><ul><li>Proven SOC experience in Cyber Incident Response and Digital Forensics.</li><li>Knowledge of SIEM, EDR and Threat Intelligence tools to monitor, detect and investigate possible threats.</li><li>Proven experience responding to sophisticated cyber incidents.</li><li>Experience in collecting, preserving, and analysing digital evidence from compromised systems, endpoints, and networks.</li><li>Previous use of forensic tools (e.g., EnCase, FTK, X-Ways, Autopsy, Magnet Axiom, Volatility) to examine disk, memory, and network data.</li></ul><p> </p><p><strong>Personal attributes:</strong></p><ul><li>Attention to detail to translate written security procedures into SOAR playbooks that can be automated.</li><li>Forward thinking when it comes to automation through scripting (PowerShell, Python etc).</li><li><strong><span style="text-decoration: underline;">Australian citizenship is required for ability to obtain NV1 clearance.</span></strong></li></ul><p> </p><p><strong><span style="text-decoration: underline;">This is a full-time permanent role with hybrid working offering $130,000 - $150,000 (plus super) - depending on experience</span></strong></p><p> </p><h4><strong>This is a </strong>hybrid <strong>position.</strong></h4></td></tr></tbody></table><p><em>By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: <a href="https://www.roberthalf.com/au/en/privacy" target="_blank">https://www.roberthalf.com/au/en/privacy.</a> Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.</em></p><img src="https://counter.adcourier.com/YnJhbmRvbi53aWxraW5zLjY5MjgzLjEwNjc1QHJoaWF1cy5hcGxpdHJhay5jb20.gif">
<table width="680"><tbody><tr><td width="507"><p><strong><span style="text-decoration: underline;">The Company</span></strong></p><p>A maturing mid-sized Australian based superannuation and financial services provider.</p><p> <strong>On offer: </strong></p><p>- Newly created role in a growing internal Security team.</p><p>- Close knit team full of techies with no micromanagement.</p><p>- Project based role to uplift security and implement changes.</p><p>- An environment you get to own to set direction with a voice internally.</p><p>- Ongoing cloud migration activities.</p><p>- <strong>Work life balance- 9am-5pm working hours.</strong></p><p>- <strong>Hybrid working - 6 days in the office across the month.</strong></p><p>- $140,000 - $150,000 (plus super).</p><p> <strong><span style="text-decoration: underline;">The Role</span></strong></p><p>This will be a 12-month fixed term contract as part of a security uplift and remediation program by enhancing the business security posture by remediating configuration vulnerabilities and supporting uplift initiatives.</p><p> </p><p>It's 100% project-focused working across Windows Server, Active Directory, Azure, patch management, Office 365, MFA, PAM, SIEM activities.</p><p> </p><p><strong>Responsibilities: </strong></p><p>- Identify and remediate security vulnerabilities across IT platforms.</p><p>- Configure, maintain, and support security tools and technologies across Active Directory, Group Policy, patch management, CyberArk and Rapid7.</p><p>- Lead security uplift work including patching, hardening, and access control improvements.</p><p>- Collaborate with Security and Operations teams to implement and verify remediation activities.</p><p>- Maintain clear documentation and report remediation progress to stakeholders.</p><p><strong><span style="text-decoration: underline;"> </span></strong><strong><span style="text-decoration: underline;">Your Profile</span></strong></p><p> </p><p>Suitable for a hands-on IT Security Engineer / Infrastructure Engineer with demonstrated experience implementing security uplift initiatives across Windows, Azure, and Microsoft 365.</p><p> </p><p>Ideal for an independent thinker that can work in a small team and bring a wealth of experience to resolve problems efficiently and mature the internal Security function.</p><p> </p><p><strong><em>Required skills: </em></strong></p><p>- Proven experience as an IT Security Engineer / Infrastructure Engineer with expertise across Windows/Wintel, Azure, Microsoft 365.</p><p>- Demonstrated experience uplifting environments across patch management (SCCM), hardening, and access control improvements including IAM and PAM.</p><p>- Solid grounding of networking principles.</p><p>- Ability to work in a close-knit team to collaborate on processes and mature the internal SOC function.</p><p>- Looking to be part of a cyber uplift and follow processes.</p><p>- Able to work independently, managing priorities and delivering to deadlines.</p><p><strong><em> </em></strong></p><p><strong><em>This is a 12-month fixed term contract (hybrid WFH available) and is offering $140,000 - $150,000 (plus super) - depending on experience. </em></strong></p><p><strong><em>Australian Citizenship or Permanent Residency is required for this role and successful applicants will be contacted. </em></strong></p><p> </p><p><em>Reference Number: </em>06800-0013313852</p><h4><strong>This is a </strong>hybrid <strong>position.</strong></h4></td></tr></tbody></table><p><em>By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: <a href="https://www.roberthalf.com/au/en/privacy" target="_blank">https://www.roberthalf.com/au/en/privacy</a>. Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.</em></p><p> </p><p> </p><img src="https://counter.adcourier.com/YnJhbmRvbi53aWxraW5zLjY0NjYzLjEwNjc1QHJoaWF1cy5hcGxpdHJhay5jb20.gif">
<p><strong><span style="text-decoration: underline;">The Company</span></strong></p><p>This is an opportunity to join a forward-thinking organisation who are a pillar of the Melbourne culture. You will be based close to Melbourne CBD and have the opportunity to work with new technologies and interesting projects. </p><p>This role is a hybrid role where you are expected in the office at least 3 days a week. </p><p><strong><span style="text-decoration: underline;"><br />Key Responsibilities</span></strong></p><ul><li><strong>Strategy & Planning</strong>: Collaborate with IT and business stakeholders to ensure reliable operation and alignment of IT systems with business objectives.</li><li><strong>Acquisition & Deployment:</strong> Scope, design, implement, and deploy new applications and enhancements, especially in cloud environments (Azure, AWS).</li><li><strong>Operational Management:</strong> Manage incidents, upgrades, maintenance, and documentation. Provide 2nd and 3rd level support.</li><li><strong>Information Security:</strong> Adhere to quality and security policies; identify and report issues.</li><li><strong>Continuous Improvement:</strong> Contribute to reference architectures, process documentation, and technical standards.</li><li><strong>General:</strong> Lead technical projects, manage vendors, and design/manage cloud-based solutions. Cybersecurity responsibilities include identifying and mitigating threats.</li><li><strong>Stakeholder Engagement:</strong> Build strong relationships with internal teams and external service providers.</li></ul><p> <br /><strong><span style="text-decoration: underline;">Required Experience & Skills</span></strong></p><ul><li>Bachelor's degree in Computer Science, IT, or related field (or equivalent experience).</li><li>Minimum 8 years' experience in system/cloud engineering, with at least 4 years in a senior role.</li></ul><p><strong><br />Technical Expertise:</strong></p><ul><li>Advanced administration of Active Directory (AD) and Azure AD in hybrid environments.</li><li>Expert in Microsoft Intune, endpoint management, and Group Policy Objects (GPOs).</li><li>Strong experience with Office 365, Azure, Windows Server (2016+), SCCM, Exchange (hybrid), and SQL Server.</li><li>Proficient in PowerShell scripting and automation.</li><li>Experience with SaaS, PaaS, IaaS, and enterprise domain design/support.</li><li>Level 3 troubleshooting and support for complex infrastructure.</li></ul><p><strong><br />Certifications:</strong></p><ul><li>Relevant cloud certifications (e.g., AWS Solutions Architect, Azure Solutions Architect Expert), MCSA/MCSE (Windows Server 2016+), ITIL Foundation (desirable).<br /><br /></li></ul><p><strong><span style="text-decoration: underline;">Your Profile</span></strong></p><p> You are an expert communicator who can explain technical concepts to non-technical staff. You have a natural flair for solving problems and come with a high level of attention to detail with an awareness of current security threats and best practices.<br /><br /></p><p><strong><span style="text-decoration: underline;">Apply Today</span></strong></p><p>Please send your resume by clicking on the apply button.</p><p>Learn more about our Melbourne recruitment services: <a href="http://www.roberthalf.com.au/recruitment-agency-melbourne">http://www.roberthalf.com.au/recruitment-agency-melbourne</a> </p><p><strong>Job Reference No: 06810-0013319562JR</strong></p><p><em>By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: <a href="https://www.roberthalf.com/au/en/privacy" target="_blank">https://www.roberthalf.com/au/en/privacy</a>. Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.</em></p><p> </p><p> </p><img src="https://counter.adcourier.com/am9yZGFuLnJhdGlub24uMDc3OTUuMTA2NzVAcmhpYXVzLmFwbGl0cmFrLmNvbQ.gif">
