Analyst - SOC APAC

Singapore, Singapore

Anglo American

Anglo American is a global mining company with a portfolio that spans diamonds, platinum, copper, iron ore & more.


Company Description

You’re talented and adaptable. That’s why you’ll fit in.

The strategy of Anglo American is to secure, develop and operate a portfolio of high quality and long-life resource assets to deliver leading shareholder returns. This can be achieved through innovative practices and technologies, in the hands of our world-class people, working towards a common purpose of re-imagining mining to improve people’s lives.

Information Management (IM) develops and optimises the engine that powers Anglo American’s digital and technology ecosystems, so our people can re-imagine the ways we mine, work, and operate.

We are a team of highly specialised experts who consistently push the boundaries of digital, technology, and automation—innovating to drive a smarter, safer, and more sustainable enterprise.

We touch every area of our business, driving value and growth as a result of this approach. We generate efficiencies by optimising operations and improving productivity. We support faster decision making through technical and digital support to our global workforce 24/7. We also drive business continuity by anticipating and managing cyber security, privacy and intellectual property risks through centralized controls.

Job Description

Support IT security operations, identifying and responding to potential threats and incidents, to ensure AA’s cybersecurity and data protection.

The Work

  • Monitor and analyse security alerts and incidents to detect and respond to cyber threats
  • Investigate security breaches and coordinate incident response activities
  • Collaborate with IT and security teams to implement security controls and best practices
  • Respond to cyber-related events and incidents, and manage and collaborate with security operations personnel during the remediation and post-incident review phases.
  • Optimise security logging tools to ensure efficiencies and reduce overhead where possible.
  • Develop scripts and SOAR playbooks to support the automated/reduced remediation of common incidents.
  • Administration of EDR and SIEM platforms.
  • Share Indicators of Compromise with relevant teams and build pattern and trend analysis of attacks to support the threat intelligence function.
  • Perform threat hunting across the estate.
  • Coordinate local incident response processes and personnel to ensure the Incident Manager is fully supported from a cyber defence/operations perspective in region.
  • Conduct research into existing threats to help support risk reduction process.
  • Produce threat notifications relating to potential future threats to the business and assist in the development of remediation strategies to mitigate/reduce the risk posed by these threats.
  • Engage in security awareness and training programs for employees

Qualifications

What we’re looking for

  • An undergraduate qualification or Apprenticeship (Bachelors / Honours degree or equivalent) in computer science, business informatics, engineering/technology or equivalent experience
  • Professional certifications and experience in Information Security from industry standard security frameworks, e.g. ISACA, BCS, CIPP, ITIL, CREST, ISC2, CompTIA and key security vendors including Microsoft, CrowdStrike, Qualys, IBM.
  • Advanced knowledge of computer systems, security technologies, network protocols, incident response processes, ITIL and threat intelligence.
  • Very good familiarity with endpoint detection and remediation tools (EDR), vulnerability management, SIEM, SOAR, and M365 technologies.
  • Knowledge of programming/scripting languages, operational technologies and digital forensics can be helpful.
  • Staying updated on emerging technologies and cyber threats is essential in this field.
  • Understanding of network protocols, architectures, and components
  • Ability to configure and manage network security devices
  • Proficiency in securing various operating systems, including Windows, Linux, and macOS
  • Ability to monitor and analyze threat intelligence sources to identify potential risks
  • Ability to prioritise and diagnose incidents within the relevant process areas according to agreed procedures.
  • Proficient in investigation of causes of incidents and seeking resolution within diverse but standardised precedents and procedures by applying operational knowledge and learnings from similar past incidents. 
  • Can effectively communicate and coordinate the resolution actions and outcomes to the relevant business stakeholders.
  • Support the development of security operations controls and standard operating procedures.
  • Contribute to the development of organisational strategies that address information control requirements.
  • Ability to investigate major breaches of security and recommend appropriate control improvements.
  • Awareness of relevant cybersecurity regulations and standards (e.g., GDPR, HIPAA, NIST)
  • Working knowledge of the MITRE ATT&CK framework and its practical application to security operations.

 

Additional Information

Who we are

Anglo American is a global diversified mining business. Our portfolio of world-class mining operations provides the metals and minerals that make modern life possible. We use innovative practices and the latest technologies to discover new resources and mine, process, move and market our products to our customers around the world.

As a responsible miner – of diamonds (through De Beers), copper, platinum and other precious metals, iron ore, coal and nickel – we are the custodians of what are precious natural resources. We work together with our key partners and stakeholders to unlock the sustainable value that those resources represent for our shareholders, the communities and countries in which we operate and for society at large. Anglo American is re-imagining mining to improve people’s lives.

What we offer

  • Competitive salary and benefits package
  • Amazing opportunities for learning and growth - from technical training to leadership programs, we bring out the best in our people
  • We’re a large, successful multinational company and there are plenty of opportunities internally to move onwards and upwards too

Inclusion and Diversity

Anglo American is an equal opportunities employer. We are committed to promoting an inclusive and diverse workplace where we value and respect every colleague for who they are and provide equality of opportunity so that everyone can fulfil their potential.

Covid Vaccination Intent

Since safe and effective COVID-19 vaccines have become widely available this year, we have strongly encouraged employees to get vaccinated at the earliest possible opportunity. However, as vaccines have been proven to be a very effective and safe way of protecting people and reducing Covid-19 transmission, we have now announced our intent to introduce a policy that requires Covid-19 vaccination for access to all sites and offices. This policy would apply to all new joiners to the company as well as existing employees and contractors.

We are in the process of undertaking a comprehensive engagement process with all our stakeholders about our intent. This is so we can tailor our approach in each country, including ensuring what we do is lawful. Once this is complete, we will look to implement the policy. There may be differences in how and when it is implemented due to local context and legal requirements.

How to apply

To apply for this role, please complete our online application form. You will have the opportunity to upload your CV and other relevant documentation as part of this process.

Category: Analyst Jobs

Tags: Automation CIPP CompTIA Computer Science CREST CrowdStrike EDR Forensics GDPR HIPAA Incident response ISACA ITIL Linux MacOS MITRE ATT&CK Network security NIST Privacy Qualys Scripting SIEM SOAR SOC Strategy Threat intelligence Vulnerability management Windows

Perks/benefits: Career development Competitive pay Startup environment Team events

Region: Asia/Pacific
Country: Singapore
