About the job
Are you part of the blue team? experienced in Cyber Threat response? do you have what it takes to spot and chase actors? If you do then Join Macquarie’s Cyber Threat Incident Response (CTIR) team based in our Sydney office as a Cyber Threat Defence Analyst.
You will be working alongside a diverse team in multiple offices around the globe and be responsible for detecting, identifying, triaging, and mitigating threats and risks in our global cyber environment. You will also act to ensure that Macquarie’s digital estate is protected from threats both known and unknown.
Using your attention to detail and data driven approach you will act as an expert for the CTIR function to provide leadership, focus, and accountability for CTIR activities.
Your understanding of cyber threat as a function of human motivation, combined with your experience in actively detecting and defending against that threat utilizing a combination of standard cyber tools and your own system/platform/network knowledge, will be highly beneficial in this role alongside your similarly skilled and experienced peers.
- Triage active alerts and campaigns for potential systemic threats to our global business
- Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
- Perform real-time detection, analysis, and response to threats via an EDR tool
- Analyze latest malware discoveries/shifts to understand how/if it would be effective in the environment
- Create new alerts and investigation methods in relation to the ever-changing threat landscape
- Analyze attacks and trends facing the organization and industry to better define proactive defensive measures
- Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions
- Take proactive actions to have observed brand impersonating and malicious sites removed
- Discover internal security concerns and raise findings with the appropriate internal teams
- Review processes, defence plane, technologies, and alerts in search of improvement
To be successful in this role you must have a proven track record of security or operational experience in large enterprise environments, as well as operational experience across Windows, UNIX, networking and hosting domains. Experience and a strong understanding of security technology and defence topologies are imperative to be successful in this role.
Ideally you will bring
- Splunk or other large log aggregation system
- An Endpoint detection and response (EDR) platform
- A Security Orchestration, Automation, and Response platform (SOAR)
- How to chase actors beyond these tools
- Analyzing Emails (e.g reading and understanding email headers, infrastructure)
- Knowledge and experience decoding and deciphering malicious code
- Familiarity with various network and cloud architectures
- Identity and Access Management (IAM)
- User and Entity Behavior Analytics (UBA/UEBA)
It would be beneficial but not essential if you had
- Scripting language understanding (Python, Powershell, etc.)
- Malware analysis (manual, static, and dynamic)
- Familiarity with the MITRE Attack framework
To join our passionate technology team, apply online via the link.
Find out more about Macquarie careers at http://www.macquarie.com/careers
About The Corporate Operations Group
The Corporate Operations Group brings together specialist support services in Digital Transformation & Data, Technology, Market Operations, Human Resources, Business Services, Business Improvement & Strategy, and the Macquarie Group Foundation. The Corporate Operations Group’s purpose is to power the entrepreneurial enterprise.
Our commitment to Diversity and Inclusion
The diversity of our people is one of our greatest strengths, and in combination with our inclusive environment, it enables us to deliver innovative and sustainable outcomes for our people, clients, shareholders and communities. From day one, you'll be encouraged to be yourself and supported to perform at your best. If our purpose of ‘empowering people to innovate and invest for a better future’ is as inspiring to you as it is to us, please apply. With the right technology, support and resources, our people can work in a range of flexible ways.
We are committed to providing a working environment that embraces and values diversity and inclusion. We encourage candidates to speak with a member of our recruitment team if you require adjustments to our recruitment process to support you, and the type of working arrangements that would help you thrive.
A career at Macquarie means you’ll have the opportunity to develop and utilise new skills, explore interesting fields and do challenging work that will impact the lives of people around the world—whether it’s accelerating the green energy transition, helping sustain global food supplies, financing social housing projects or investing in essential infrastructure. At Macquarie, we’re empowering people to innovate and invest for a better future.
Our size and international presence means your work can take you anywhere—across business groups, disciplines, sectors and borders. With 18,000+ employees and offices in 33 markets around the world, we’re a truly global organisation.
You’ll be supported by a diverse team where the unique perspectives, ideas and experiences that all of our people bring are valued. You’ll be empowered to address unmet needs in our communities whilst advising and investing alongside our clients and partners. Working with us, you’ll have the opportunity to make a difference.
Macquarie is a global financial group providing clients with asset management, retail and business banking, wealth management, leasing and asset financing, market access, commodity trading, renewables development, specialist advisory, capital raising and principal investment.
Find out more at www.macquarie.com/careers
Job no: COG-970300
Work type: Permanent - Full time
Category: Mid-senior, Technology
Group: Corporate Operations Group
Recruiter: Nathan King
Opening Date: 22/12/2022