Specialist Cyber Security Operations
South32
ABOUT SOUTH32
South32 is a globally diversified mining and metals company. Our purpose is to make a difference by developing natural resources, improving people’s lives now and for generations to come. We are trusted by our owners and partners to realise the potential of their resources.
PERTH OFFICE
South32’s corporate office is based in the heart of Perth’s CBD. The corporate office houses key functions including HR, Legal and External Affairs, Finance, Corporate Development, Investor Relations, Group Risk, and Technical. Our office is conveniently located a 5-minute walk from the Perth Underground Train Station.
WHAT SOUTH32 OFFERS
- Competitive salaries, including Short-Term Incentive Bonus
- Additional employer superannuation contributions, which depend on the level of employee contributions you choose
- Participation in the Employee Share Plan
- Flexible working arrangements and industry-leading parental leave and family care policy
ABOUT THE ROLE
The Opportunity - Permanent, Full-Time Position: This role will preferably be based at our head office in Perth. We understand and value the benefits flexibility brings and operate a hybrid work model (in the office and from home).
The role of Specialist Cyber Security Operations will support the successful delivery of cyber security operations services to detect and respond to threats as part of a global Security Operations team.
You will have autonomy to perform security monitoring, investigation, triage, incident response, recovery, remediation, proactive planning, and threat-hunting activities. The role will focus on end-to-end coverage of cyber security threats affecting IT and OT/ICS environments in collaboration with domain specialists across the Cybersecurity team and broader technology function.
Reporting to the Team Lead Cyber Security Operations, working within the Security Operations Team, and collaborating closely with the Operations and broader Technology team, key responsibilities include, but are not limited to:
- Manage day-to-day Cyber Security Operations activities, including event and incident logging, monitoring, and SIEM platform administration
- Conduct threat analysis and triage activities to identify security incidents and breaches across IT and OT environments
- Conduct investigations into cyber security incidents and support the response to cyber security incidents by developing and implementing response plans, coordinating with key stakeholders and business representatives
- Support and conduct routine threat and vulnerability management activities
- Support the maintenance and tuning of endpoint protection solutions across the organization
- Contribute to the design, architecture, and engineering of security operations (Use-Cases, Playbooks etc.)
- Support and execute threat-hunting campaigns
- Support the delivery of key cybersecurity initiatives that uplift the function's capability
ABOUT YOU
- Minimum 3 years of practical experience in a Cyber Security Operations environment, including proven expertise in security monitoring and incident response activities
- Proficiency in SIEM tools and a solid understanding of SOC practices
- Strong familiarity with the Microsoft Defender suite and proficiency in securing Azure-hosted services (e.g. VMs, Entra, Azure App Services, Networking)
- Working knowledge of leading cyber security frameworks such as MITRE ATT&CK, NIST, or ISO27001
- Ability to communicate technical issues to individuals who may not have a technical or security background
Qualifications for this position are:
- Degree in Cyber Security, Information Technology, or STEM
- Cyber security-related certifications/qualifications desirable
OUR CULTURE
At South32, our people are fundamental to our success. We’re focused on creating an inclusive workplace with the right people in the right roles, who are engaged, empowered, and appropriately rewarded. We encourage applications from people of all backgrounds.
The job advert will close on 8th November 2023.