Cyber Operations Security Analyst

Overview:

• Dynamic Cyber Operations Security Analyst * 2 Permanent position.

• Based at the Melbourne CBD campus (Hybrid role) and Flexible Working Arrangements

• This role provides hands-on technical and investigative capability assisting in the protection of RMITs people data and systems.

About the Portfolio

The Operations Portfolio enables integrated enterprise-wide delivery for best practice student and staff experience.

The Portfolio incorporates the following business units: Legal Services Enabling Services Reform Enterprise Projects and Business Performance Data and Analytics Finance Procurement Information and Technology Services Health Safety and Risk Property Services and the Office of the Chief Operating Officer.

The Portfolio houses key delivery functions across the staff and student journeys and enables overall experience for both groups. It is integral in bringing the RMIT strategy to life across the globe. Each of these functions supports the Universitys global operations directly and through its controlled entities.

Information and Technology Services provides RMIT with current and emerging technology systems and services. Our vision of unleashing technologies to enable great experiences for RMIT communities drives a proactive and leading-edge technology ecosystem that supports the Universitys commitment to lifelong learning.

The Role

Join RMITs Cybersecurity Operations team and take a hands-on role and real-world security incidents across SIEM DLP vulnerability management and data protection initiatives where your skills make a real impact.

In this role youll help protect RMITs community by actively investigating and responding to cyber threats across enterprise and cloud platforms supporting a safer digital future for education and research.

Skills & Experience

Incident Management and Response

• Triage and investigate alerts from our SIEM and EDR platforms.

• Manage incidents escalated from Tier 1 SOC analysts performing deeper technical investigation and coordination with relevant teams.

• Classify and document incidents following the RMIT CISO Incident Response Framework (aligned to NIST SP 800-61).

• Support forensic evidence collection log analysis and containment actions as required.

Data Protection and Governance

• Review and investigate incidents generated by DLP Information Protection Labels and Data Governance policies.

• Conduct triage of DMARC spoofing and phishing-related events coordinating with the other teams.

• Identify and recommend improvements to Microsoft Purview policies and governance configurations.

Vulnerability and Patch Management

• Monitor vulnerability reports.

• Track remediation activities and patch compliance across infrastructure and endpoint environments.

Security Engineering Support

• Assist with maintenance of SIEM and SOAR data connectors detection logic and automation workflows.

• Contribute to building detection use cases dashboards and playbooks.

• Participate in testing and validating new integrations or security technologies before production rollout.

Continuous Improvement and Collaboration

• Support post-incident reviews root-cause analysis and lessons-learned documentation.

• Contribute to knowledge base and playbook updates.

• Participate in tabletop exercises and security awareness initiatives.

• Engage collaboratively with service owners risk and governance teams and the broader ITS community.

ToApply

Please submit your CV and cover letter addressing your suitability for this position by clicking on the Apply link below.

For further information about this position please see the Position Description below.

you join our team youll be able to access a range of benefits: From travel to fitness theres something for everyone!

Applications Close: