We are looking for a problem solver with strong analytical and engineering skills, who has a broad knowledge of Information / Cyber Security technology and practices.
You will be a core member of the SOC team and assist in the effort of identifying known and unknown threats and understand adversary TTPs (Tactics, Techniques and Procedures).
This is a technical role with the understanding that you are already conversant in security automation, security alert monitoring and analysis, system security, network security, compliance, detection engineering and incident response.
At Workday our employees come first, and developing your skills is paramount to the success of the SOC. You will be accountable for your training and development budget, which includes at least one major off-site training course annually (SANS etc.), at least one major security conference (Blackhat, Defcon, RSA etc.) as well as local conferences and events. You'll be encouraged to keep your skills up to date with other events such as internal red / blue team events, hackathons, and membership of various groups and societies.
You'll be self-sufficient and have fun whilst innovating and growing a reference library for yourself and your team, and a lab to run proof-of-concept projects in.
What you'll do:
Support the daily SOC activities (alert monitoring, detection, analysis and response)
Improve threat detection and hunting capabilities
Drive security monitoring efforts
Develop relevant security automation solutions around open-source and proprietary tools
Gather requirements and develop solutions for the SOC and wider security team
Evaluate new tools and techniques to create innovative and practical security solutions
Help drive team development by mentoring new and existing staff.
Skills and Experience:
4+ years of experience in a similar technical security role (although highly skilled candidates with less experience can also apply)
Preferred tertiary level qualification in an Information Technology related field
Mature approach to supporting a 24 / 7 SOC in a follow-the-sun model
Strong knowledge of information systems, cloud security concepts, solutions and automation
Experience in security incident management processes and tools
Experience with threat intelligence platforms and hunting techniques
Experience with performing technical security analysis and report writing
IDS / IPS / HIDS systems, SOC / SIEM systems and vulnerability scanning tools
Working experience with at least one language (preferably Python)
Strong understanding of Linux / OSX and Windows
Deep understanding of network and application security threats, attack techniques and mitigation options, and network-related protocols (e.g. TCP / IP, IPSEC, routing protocols, etc.)
Relevant Security, Systems, and Networking certifications a plus.