Job Description

Job Is In Australia Melbourne

The responsibilities of a cybersecurity professional can vary depending on the specific role and organization, but here are some general job responsibilities that are typically associated with cybersecurity positions:

1. Risk Assessment and Management

• Identifying Vulnerabilities : Regularly assess the organization's systems, applications, and network for security vulnerabilities.
• Risk Analysis : Analyze the risks associated with security threats, considering the impact and likelihood of potential attacks.
• Risk Mitigation : Develop and implement risk management strategies to address security risks, including technical controls and policies.

2. Network Security

• Monitoring : Continuously monitor network traffic for unusual activity or potential threats using intrusion detection/prevention systems (IDS/IPS).
• Firewalls and VPNs : Configure and manage firewalls, virtual private networks (VPNs), and other network security tools to prevent unauthorized access.
• Access Control : Ensure appropriate access control measures are in place to limit access to sensitive systems and data.

3. Incident Response and Forensics

• Incident Detection and Analysis : Investigate security incidents and breaches, analyze logs, and identify the cause of the attack.
• Incident Response : Lead the response to cybersecurity incidents, including containment, eradication, and recovery.
• Forensics : Conduct forensic investigations to gather evidence of cybercrimes or policy violations and document findings for legal or compliance purposes.

4. Security Policy and Compliance

• Policy Creation : Develop and enforce security policies, procedures, and standards to ensure the organization's cybersecurity posture remains strong.
• Compliance : Ensure that the organization adheres to relevant cybersecurity regulations, standards, and frameworks (e.g., GDPR, HIPAA, PCI-DSS, NIST).
• Audit and Reporting : Conduct regular security audits and prepare reports for management or external auditors to verify compliance with security policies and standards.

5. Threat Intelligence and Research

• Threat Intelligence Gathering : Collect and analyze information on emerging cyber threats, including malware, phishing schemes, and advanced persistent threats (APTs).
• Threat Modeling : Create threat models to identify and assess potential threats to critical assets.
• Staying Current : Keep up-to-date with the latest cybersecurity trends, vulnerabilities, exploits, and attack techniques.

6. Security Architecture and Design

• Secure Systems Design : Collaborate with IT and development teams to design and implement secure systems, applications, and network infrastructures.
• Encryption and Data Protection : Ensure sensitive data is properly encrypted and protected at rest, in transit, and in use.
• Secure Software Development : Work with developers to ensure security is built into software from the ground up (e.g., secure coding practices, threat modeling).

7. Security Awareness Training

• User Education : Conduct training sessions to educate employees on security best practices, phishing, password management, and other security awareness topics.
• Simulated Phishing Exercises : Run simulated phishing campaigns to test and improve employees' ability to recognize social engineering attacks.

8. Endpoint Security

• Antivirus/Antimalware : Manage and update endpoint protection systems (e.g., antivirus software, antimalware tools) on desktops, laptops, and mobile devices.
• Endpoint Monitoring : Monitor endpoint activity for signs of compromise and respond to security incidents involving endpoints.
• Device Control : Implement and enforce policies regarding the use of external devices (e.g., USB drives, external hard drives) on the corporate network.

9. Identity and Access Management (IAM)

• Access Controls : Manage user access to systems and data, ensuring that the principle of least privilege is enforced.
• Multi-Factor Authentication (MFA) : Implement and manage multi-factor authentication mechanisms to add an extra layer of security to user accounts.
• Single Sign-On (SSO) : Deploy and manage SSO solutions to streamline user access while maintaining strong security controls.

10. Cloud Security

• Cloud Security Posture : Ensure cloud infrastructure, services, and applications are securely configured and compliant with best practices.
• Cloud Access Security Brokers (CASB) : Implement CASB tools to monitor and control cloud usage across the organization.
• Data Protection in the Cloud : Ensure that sensitive data in the cloud is adequately protected through encryption, access control, and regular audits.

11. Business Continuity and Disaster Recovery (BC/DR)

• Backup and Recovery : Ensure that regular backups are taken and can be quickly restored in the event of a cyberattack or other disaster.
• Disaster Recovery Planning : Develop and test disaster recovery plans to ensure the organization can resume operations after a security incident.

12. Security Tool and Infrastructure Management

• Security Information and Event Management (SIEM) : Manage SIEM systems to collect and analyze security event data for threat detection and compliance reporting.
• Vulnerability Management Tools : Use automated tools to scan for vulnerabilities and manage remediation efforts.
• Patch Management : Regularly update software and hardware to ensure vulnerabilities are patched in a timely manner.

13. Collaboration with Other Teams

• Cross-Department Collaboration : Work closely with other departments (e.g., IT, legal, HR) to ensure security best practices are integrated into business processes.
• Vendor Risk Management : Assess third-party vendors' security measures and ensure they meet the organization's security requirements.

Key Skills and Knowledge Areas for Cybersecurity Roles:

• Technical Knowledge : Deep understanding of networking protocols, firewalls, encryption, operating systems (Linux, Windows), and intrusion detection/prevention systems.
• Programming/Scripting : Familiarity with programming/scripting languages like Python, PowerShell, or Bash can be helpful for automating tasks and analysis.
• Security Tools : Proficiency with security tools such as firewalls, SIEM systems, anti-virus software, and vulnerability scanners.
• Problem-Solving : Ability to diagnose complex issues and think critically under pressure.
• Communication : Clear communication skills to explain security risks and mitigation strategies to non-technical stakeholders.

Specialized Roles in Cybersecurity:

• Security Analyst
• Security Engineer
• Security Architect
• Incident Responder
• Forensic Investigator
• Penetration Tester (Ethical Hacker)
• Cloud Security Engineer
• Security Consultant
• CISO (Chief Information Security Officer)

Cybersecurity roles vary greatly depending on the industry, size of the organization, and specific job function, but these are some of the core responsibilities you might find across most cybersecurity positions.

Job Types: Full-time, Permanent

Pay: ?100,000.00 - ?200,000.00 per month

Benefits:

• Health insurance

Schedule:

• Day shift
• Morning shift
• Weekend only

Supplemental Pay:

• Performance bonus
• Yearly bonus

Experience:

• total work: 1 year (Preferred)

Work Location: In person