Threat Detection Analyst

  • Company:
    ANZ
  • Location:
  • Salary:
    negotiable / month
  • Job type:
    Full-Time
  • Posted:
    1 day ago
  • Category:
    Analyst

Requisition Title

Threat Detection Analyst

Job Number:

AUS114361

Description

First a bit about ANZ

At ANZ, everything we do boils down to ‘why’ – our purpose – to shape a world where people and communities thrive. We’re just as focused on seeing our people thrive as well as our customers. We’ll give you every opportunity to develop your career.

We are responding faster to changing customer requirements, focusing on the things that matter the most, energising our people, eliminating waste and reducing bureaucracy.

ANZ has moved to a new way of working, leveraging agile practices. To understand more about this new way of working and if this role is right for you, we strongly encourage you to take a look at The ANZ Way Vimeo channel where you’ll find The ANZ Way animation and the New Ways of Working animation.

The Cyber Defence – Cyber Analytics squad is responsible for extending ANZ’s malicious threat detection capabilities and incident responsiveness via the application of advanced analytics techniques.

As a Security Data Engineer within this squad you will have the significant opportunity and freedom to think outside the box and apply a growth mindset to develop new and innovative technical solutions to solve complex security challenges. This is backed by a significant investment in the cyber security space to enable big data and analytics capabilities providing full flexibility to build advanced defences for cyber threats.

You will have the opportunity to work closely with ANZ’s Threat Intelligence, Security Operations Centre (SOC) and the Red Team, as well as this squad’s data scientists, to deliver innovative new detections and hunts for threat actors using techniques including rules-based approaches, profile-based approaches, anomaly identification and potentially ML-based classification models.

In the role you will:

  • Use your proven experience in threat hunting and/or developing automated detections across big data sets to look for unusual or anomalous data guided by practical examples of how malicious threats would appear in the data.
  • Use your strong understanding of the threat landscape, malicious actors and attack techniques to develop analytic solutions to model and detect these threats.
  • Use your desire to continuously develop your knowledge and skills to keep up with a rapidly changing threat landscape and bring innovative ideas into the squad.
  • Use your track record of execution to deliver tangible outcomes: think outside the box in order to find solutions to problems, rapidly prove or disprove ideas and ‘hack’ together whatever tools are at your disposal to prove a tactical working solution.
  • Assess each attack technique based on a detailed understanding of our security ecosystem, potentially simulating attacks to confirm viability and detection coverage gaps.
  • Leverage terabytes of streamed security logs that land in our platforms at near-real time each day.
  • Develop advanced detections in Splunk ES, our in-house Hadoop cluster and our emerging cloud analytics and detection environments including GCP and Azure Sentinel.

    As a Security Data Engineer in Cyber Defence, you will leverage your security analyst and big-data experience to help scope, simulate, design, build, deploy and support malicious threat detection solutions. You will work closely with squad members to ensure outcomes meet customer expectations.

    What you bring to Cyber Defence – Cyber Analytics as a Security Data Engineer?

    Required skills:

  • 3+ years cyber security experience (in incident response or threat detection)
  • 2+ years’ experience or exposure to big data platforms and associated engineering/development/scripting
  • Demonstrates a depth of understanding of common attack techniques and associated detection approaches and mechanisms (e.g. in the context of industry standards like MITRE ATT&CK)
  • Ability to develop approaches to identify these common attack techniques as well as emerging or unknown threats in big data sets
  • Experience in big data environments (e.g. Spark)
  • Proficient in big data scripting languages (e.g. Scala, Python, Java)
  • SIEM experience/exposure (e.g. Splunk)
  • Strong interpersonal skills: we are looking for a great collaborator!

    Desirable Skills:

  • Understanding of good software engineering practices including CI/CD, automated testing and reliability engineering
  • Ideally some experience in the end-to-end design, development & deployment of high-throughput analytics/ML pipelines & streaming technology (e.g. SparkML, NiFi, DataFlow)

    At ANZ we aim to create an inclusive environment where employee differences such as gender, age, culture, disability, sexual orientation, family and caring responsibilities and religion are valued and supported.

    We work flexibly at ANZ. Talk to us and let us know how this role can be flexible for you.