Cyber Threat Analyst

• Join a team of experts, and be a part of our collaborative culture 
• We value flexibility, and give our people choices to balance work-life commitments 
• Our modern offices are centrally located, with an onsite gym 

 Welcome to TAL. As a leading life insurer, we’ve been protecting Australians for over 150 years. Backed by Dai-ichi Life, we're driven by big ambitions and empowered to create better products and services.  

Together with our Partners, we’re helping millions of Australians live a life filled with choices, options and freedoms. See the direct impact you make delivering support and financial security with care and expertise.  

Grow beyond expectations with diverse roles, global connections and exclusive learning opportunities. Work with passionate, bright and capable colleagues. Feel inspired by supportive leaders. Collaborate with heart, where flexibility, wellbeing and inclusivity is valued. Together, we're reimagining insurance. 

So, bring a curious mind and an ambition to help us become the progressive, digitally-enabled leading insurer. 

We are looking for a hands-on Cyber Threat Analyst with experience across a range of technology & cyber security solutions to join our diverse Cyber Threat management team. The candidate will be working in detecting, investigating and responding to potential and actual cyber security incidents. 

A solid understanding of cyber security concepts and working of cyber security technologies is a must. The candidate must demonstrate their passion in cyber security to become part of the team. The role is packed with trainings with an opportunity to expand the skillsets into cyber threat management, security architecture, and security engineering due to the cross functional operating model. 

This role will include the following responsiblities:

• Work with our partners and broader team in analysing and investigating potential security incidents raised by them.
• Work with our partners and broader team in supporting threat hunting and threat intelligence activities. 
• Support in drafting the incident response plan and then leading with incident response activities.
• Liaise with the security vendors, conduct research, provide technical recommendations and validate whether the containment and remediation activities are successful against security incidents. 
• Prioritise and track vulnerabilities for remediation based on the exposure, exploitability level, and security controls available.
• Review threat intel reports for vulnerabilities, including 0-days and exploits targeting the ecosystem, and invoke appropriate response plan based on the playbooks.  
• Review the impact of technical changes in the environment from cyber security lens and engage relevant cyber team members to support with the change approval process.
• Perform dynamic malware analysis (basic level) using in-house and open-source tools.
• Prepare and present technical reports, analyses and documents, and own the security operations and threat management reports.
• Support with the risk mitigation and remediation activities, and assist with the governance, risk and compliance initiatives.
• Ensure any required training and development is undertaken in a timely manner.
• Build collaborative partnerships with team members, other colleagues and external contacts (as and when required). 
• Communicate positively and openly with colleagues, customers and partners, and informs with timeliness whilst setting context. 
• Develop strong knowledge of the business, its policies, practices and procedures and knows how to correctly apply these. 

To be successful in this role you will have:

• Some experience in security operations role with a strong understanding of security concepts, MITRE ATT&CK framework, and security technologies.
• Hands-on experience with at least 3 of the following security technologies, SIEM, endpoint protection, proxy, email security, SOAR, firewall, NIPS, automated vulnerability assessment, WAF, etc. 
• Experience with the CrowdStrike EDR and NGSIEM platform is a plus
• Must have security knowledge of Windows platform and networking concepts.
• Certified in Azure fundamentals and working knowledge of DevOp is a plus.
• Analytical rigour to all work but remain open to non-traditional information or conclusions.
• Demonstrate passion for cyber security and desirable with a healthy sense of humour.
• A relevant tertiary qualification and a well-rounded background with experience across community and/or extra-curricular activities.

TAL is one of Australia’s leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We’re proud to be:  

• An Inclusive Employer – Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency and Bronze Tier Status within the Australian Workplace Equality Index  

• Diversity Champions – Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change  

• Reconciliation Advocates – Read our Innovate Reconciliation Action Plan.    

We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals living with disabilities, people from culturally diverse backgrounds and the LGBTIQ+ community.  

Need adjustments during the recruitment process? Let our team know by getting in touch with us here.—we’re here to support you. 

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.