- $1000 per day
- over 2 years ago
- Large financial institution
- Massive large-scale cloud migration and security project
- Long term contract opportunity, market leading rates
Our client is one of the leading financial institutions in Australia and is a household name. They are currently undergoing a massive and thorough technology upgrade to position the business competitively for the future.
This position is a highly visible and influential role, with an enterprise wide scope and the ability to have a tangible impact within the organisation, as well as an opportunity to build a strong and resilient cloud security function.
In order to improve customer experience and overall security, our client is currently conducting a very large transfer of company and client data to the cloud, requiring an experienced Cloud Security specialist to help them to achieve this.
For each new cloud service (Azure & GCP), responsibilities will include:
- Manage the overall delivery and status reporting to the project and Cyber Defence management
- Work with the Cyber Threat Intelligence team to ensure the new Azure/GCP service’s impacts to intelligence requirements, collection plans and the intelligence life-cycle are understood, and necessary changes implemented
- Perform and document attack modelling with input from Azure/GCP SMEs (HIP, CloudSecOps, Security Architects) and Cyber Defence stakeholders (Red Team, Detection, Cyber Response) to identify threats, possible attack scenarios, TTPs, adversary actions and points of exposure
- Convert attack modelling outputs into Detection Use Cases and incorporate into the Cyber Defence use case model
- Where possible, existing Use Cases, service provider Use Cases, and any public / available Use Cases
- Liaise with Azure SMEs and internal Splunk resources to ensure appropriate logs are identified/created, onboarded and appropriately ingested into Splunk ES, CIM and ES Data Models
- Implement Splunk ES content/rules and changes to broader detection tools (as required for non-log centric Detection Use Cases) to ensure Detection Use Cases are achieved
- Implement alerting with adequate context / information for Cyber Response teams to investigate and respond
- Document triage / response playbooks to guide an Analyst on how to respond to alerts. This also includes identifying opportunities for automation and orchestration for subsequent SOAR playbook development
- Identify and document necessary controls (technical & process) that allow Analysts to investigate, contain, eradicate and remediate threats
- Ensure risks and issues are called out and escalated appropriately, including risks/issues with the security model and with delivery/execution
- Document and maintain the critical elements of the Azure/GCP service in the Cyber Defence Wiki, run information and training sessions with the Cyber Defence team and ensure operational acceptance
• 6+ years of experience with cloud security overall, Azure preferred. Any level of GCP experience will be prioritized
• Ability to think like an attacker, and build detection and response mechanisms accordingly
• Splunk experience highly preferred
• Experience with the assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes
• General knowledge of secure software development, identity and access management (IAM), data protection, cryptography, network security, and key management
• Experience across SaaS, IaaS, PaaS, and other cloud environments
• Experience working with cloud security and governance tools, server virtualization technologies, and CASBs
• Ability to design and implement cloud security controls that are in line with agreed strategies, business direction and security risk appetite
• Experience with common and industry standard cloud-native/cloud-friendly authentication mechanisms
• Industry certifications such as GPEN, OSCP, OSCE are beneficial
Our client will offer a highly competitive daily rate commensurate with experience. This is a long-term contracting engagement, with a high probability of permanent employment for exceptional candidates.
To apply for this position, please click the 'Apply Now' button below. For a confidential discussion, please contact Stuart van Heerden on 03 8547 1333.