Workforce Australia for Individuals
Sydney, New South Wales, Australia, SYDNEY, Australia
Job Type


Join Macquarie’s Cyber Threat Incident Response (CTIR) team based in our Sydney office as a Cyber Threat Defense Analyst. In this role, you will be working alongside a diverse team in multiple offices around the globe and be responsible for detecting, identifying, triaging, and mitigating threats and risks in our global cyber environment. You will also act to ensure that Macquarie’s digital estate is protected from threats both known and unknown.

Your first-class technical skills are required to continuously identify, assess, and manage threats relative to the corporate risk appetite by leveraging technology and your experience to analyze data. Experience in log aggregation and analysis will be crucial in detecting and triaging potential or active security incidents. Using your attention to detail and data driven approach you will act as an expert for the CTIR function to provide leadership, focus, and accountability for CTIR activities. Your understanding of cyber threat as a function of human motivation, combined with your experience in actively detecting and defending against that threat utilizing a combination of standard cyber tools and your own system/platform/network knowledge, will be highly beneficial in this role alongside your similarly skill

d security or operational experience in large enterprise environments, as well as operational experience across Windows, UNIX, networking and hosting domains. Experience and a strong understanding of security technology and defense topologies are imperative to be successful in this role.What is the job?Triage active alerts and campaigns for potential systemic threats to our global businessProactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them Perform real-time detection, analysis, and response to threats via an EDR tool Analyze latest malware discoveries/shifts to understand how/if it would be effective in the environment Create new alerts and investigation methods in relation to the ever-changing threat landscape Analyze attacks and trends facing the organization and industry to better define proactive defensive measures Track, provide, and present analysis into observed attacks against Macquarie Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions Take proactive actions to have observed brand impersonating and malicious sites removed Discover internal security concerns and raise findings with the appropriate internal teams Review processes, defense plane, technologies, and alerts in search of improvement


What The Ideal Candidate Should Know/have Experience With Splunk or other large log aggregation system An Endpoint detection and response (EDR) platform  Security Orchestration, Automation, and Response platform (SOAR)Email gateway security controls How to chase actors beyond these tools Analyzing Emails (e. g reading and understanding email headers, infrastructure)Knowledge and experience decoding and deciphering malicious code Analytical mindset Offensive Security/Adversarial mindset Scripting language understanding (Python, Power shell, etc.)Malware analysis (manual, static, and dynamic)Familiarity with various network and cloud architectures Identity and Access Management (IAM)User and Entity Behavior Analytics (UBA/UEBA)Familiarity with the MITRE Attack framework

About The Corporate Operations Group The Corporate Operations Group brings together specialist support services in Digital Transformation & Data, Technology, Operations, Human Resources, Business Services, Corporate Strategy & Solutions, and the Macquarie Group Foundation. We deliver service excellence to ensure Macquarie is open for business, deliver on transformational change, invest in our people and have deep relationships with our customers. Our commitment to Diversity, Equity and Inclusion The diversity of our people is one of our greatest strengths. An inclusive and equitable environment enables us to deliver innovative and sustainable outcomes for our people, clients, shareholders and communities. From day one, you'll be encouraged to be yourself and supported to perform at your best. If our purpose of ‘empowering people to innovate and invest for a better future’ is as inspiring to you as it is to us, please apply. With the right technology, support and resources, our people can work in a range of flexible ways. We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We encourage candidates to speak with a member of our recruitment team if you require adjustments to our recruitment process to support you, and the type of working arrangements that would help you thrive.

Drop files here browse files ...

Related Jobs

Senior Cyber Threat Defense Analyst   Sydney, NSW, SYDNEY, Australia
Cyber Threat Defense Analyst - Sydney   Sydney, NSW, SYDNEY, Australia