Senior Cyber Security Analyst

Victoria, Australia

AusNet Services


  • Play a pivotal role at the forefront of driving cutting-edge cybersecurity solutions across AusNet’s IT and Operational Technology (OT) environments.
  • Join a forward-thinking team that values collaboration, fosters a strong and supportive culture, and leads with industry best practices.
  • Careers with Purpose > Collaborative > Inclusive > Flexible Work Environment 


When you choose AusNet, you’ll join genuine people working together, making Real. Progress
 

At AusNet, we’re the link between renewable energy sources and local communities, playing a key role in the clean energy transition and providing essential energy to every Victorian family.
 

Help us lead the way, while enriching your career with real people who encourage you to bring your best and make real impact – for your career, our communities, and Australia’s cleaner energy future.


Purposeful work with genuinely good people. That’s refreshing.


The Senior Cybersecurity Analyst is a vital expert who takes the lead in ensuring strong cybersecurity across both AusNet's IT and Operational Technology (OT) systems. This role needs solid skills in defending against cyber threats, handling incidents, automating processes, and securing cloud systems. You'll play a crucial part in helping to roll out the cybersecurity plan and make sure everything stays safe and secure.
 

With a hybrid split (office/WFH), this role is a permanent full-time position based in Southbank, Victoria, and is part of the Cyber Security team.

 

This role will deliver real outcomes, including but not limited to:

  • Lead the entire cyber security incident management process, including investigating and responding to incidents with multiple teams.
  • Provide technical analysis, fix issues, and report on cyber incidents to team leaders and management.
  • Create and update threat hunting playbooks, and lead threat hunting efforts using tactics, techniques, and procedures (TTPs) from cyber actors and threat intelligence.
  • Develop and improve processes to make threat detection and response faster and more efficient.
  • Continuously improve the setup and coverage of cyber security controls by creating custom rules for SIEM, XDR, and other relevant systems.

 

You don’t need to check every box; however, we are looking for a good combination of:

  •  7-10 years of hands-on experience in security operations, incident response, and threat hunting, with knowledge of cloud services like Azure and AWS. Experience with Operational Technology (OT) or Industrial Control Systems (ICS) is a bonus.
  • Proven skills in identifying and responding to cyber threats, with a solid understanding of how modern threat actors operate.
  • Strong experience in proactively spotting threats and anomalies using advanced threat hunting techniques.
  •  In-depth understanding of the attack lifecycle, as well as adversary tactics and techniques, to develop strong defensive strategies.
  • Skilled in using SOC tools and technologies, including SIEM, SOAR, XDR, Web Application Firewalls, Vulnerability Management, NDR, and OT TVM.
  • Good knowledge of common enterprise technologies like Windows, Linux, Active Directory, M365, Microsoft Entra ID, DNS, DHCP, web proxies, Mail Relays, and TCP/IP.
  • Proficient in scripting languages (Python, PowerShell, etc.) with demonstrated experience in security engineering, automating security operations tasks and incident response workflows.
  • Strong grasp of application-level vulnerabilities on both web and mobile platforms, with demonstrated experience in providing security advice to secure applications and prevent recurrence of cybersecurity incidents.
  • Capable of independently conducting security assessments related to Active Directory and other infrastructure assets.
  • Experience in forensic investigations, including malware analysis, memory analysis, disk forensics, and network packet analysis to support post-incident reviews, would be advantageous.
  • Participation in cybersecurity competitions, bug bounty programs, or open-source projects, demonstrating a strong grasp and expertise in advanced attack methods, is highly desirable.
  • Industry certifications (e.g., GCFA, GCFE, GCIH, GNFA, OSCP, OSCE) are highly valued, along with cloud security certifications from Microsoft.

Emergency Response: Customers and community are at the heart of everything we do.
 

From time-to-time you may be called upon to support an emergency response (e.g. storms, bushfires, floods) to ensure we continue to safely deliver our customers’ energy needs.
 

A real place to belong. 

We celebrate unique voices, refreshing perspectives and diversity in our team. Engage and connect through our social club, family day, wide range of events or by joining one of our Employee Network Groups.  


We believe in more than just competitive pay. Here’s what sets us apart:

  • Flexibility: whether this is hybrid work, flexible hours, or part time arrangements, we’ll work with you to help balance work and life.
  • Leave: more than typical personal leave and a generous 14 weeks of paid parental leave, with no minimum service.
  • Community giving: a paid day to volunteer with our social impact partner, Foodbank, or for a cause that matters to you.
  • Perks: we offer all the other perks you’ve come to expect like purchased leave, income protection insurance, novated leasing, corporate discounts, private health cover discounts and more.
     

As an industry in transformation, we’re excited by the possibilities ahead.
 

So, if you’re passionate about our purpose and committed to making real progress, bring your energy and join AusNet. Together, we can shape a new way forward.
