Cyber Defence Analyst

Job Description

Coordinate and provide technical support to enterprise-wide cyber defence technicians to resolve cyber defence incidents.
Use cyber defence tools for continual monitoring and analysis of system activity to identify malicious activity.
Analyse identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
Assist in identifying, prioritizing, and coordinating the protection of critical cyber defence infrastructure and key resources.
Build, install, configure, and test dedicated cyber defence hardware.
Assist in assessing the impact of implementing and sustaining

Job Advert Text

Organization: At CommBank, we never lose sight of the role we play in other people's financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things.

Job Title: Cyber Defence Analyst
Location: Bangalore-Manyata Tech Park

Business & Team: The Cyber Attack Analysis Team (CAAT) enables the Group to respond to cyber security events that impact core business platforms, systems, data, assets, and reputation. The team serves as the Tier 1 function and is responsible for detecting, triaging and analysing cyber security events of interest.

Impact &contribution: As a Cyber Security Analyst, you will monitor the Group's computer systems for suspicious activity using enterprise-grade cyber tools and critical thought. You will triage and manage various incidents, events, and queries from the business to the relevant resolver group. Your role will also involve contributing to the Continual Service Improvement (CSI) of the team's operations through proactive analysis, engagement, and collaboration with your team.

Roles & responsibilities:

• Monitor the Group's computer systems for suspicious activity using enterprise-grade cyber tools and critical thought.
• Triage and analyse detection alerts and staff-reported cyber attacks to identify which events require response activities based on Standard Operating Procedures.
• Capture essential details and artefacts for cyber security events.
• Maintain event response documentation, participate in post-mortems, and write event reports.
• Escalate applicable incidents to other accountable functions within the Group (such as Cyber Attack Response, Data Breach, Governance, etc).
• Identify potential new detection logic and escalate to the Detection Engineering team.
• Contribute to the Continual Service Improvement (CSI) of the team's operations through proactive analysis, engagement, and collaboration with your team.
• 24/7 shift and completely work from Office

Essential skills:

• Experience: 3+ years of experience as a Cyber Security Analyst or in a similar role.
• Technical Skills: Knowledge of operating systems, network protocols, and cyber security tools.
• Analytical Skills: Good analytical and problem-solving skills.
• A proficiency in Splunk or other SIEM tools
• A proficiency in Microsoft Defender for Endpoints (MDE) or other Endpoint Detection and Response (EDR) tools
• A good understanding of networking principles
• Experience in incident management, with a strong emphasis on comprehensive documentation, integrity, and accountability.
• Experience with cloud security and knowledge of cloud platforms such as AWS or Azure.
• The capability to learn fast, and a knack to analyse computer system activity to understand and assess cyber threats.
• An ability to document and explain technical details clearly and concisely for different audiences.
• Attention to Detail: High level of attention to detail and accuracy. Ability to work meticulously under pressure.
• Relevant certifications such as GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), or GIAC Reverse Engineering Malware (GREM) are a plus.

Education Qualification: Bachelor's degree or Master's degree in Engineering in Computer Science/Information Technology.