Careers in Cyber Operations. Defence Signals Directorate

Transcription

1 Careers in Cyber Operations Defence Signals Directorate 1

2 Contents Do you want to play the game no one else can? 3 Interested in a career in information technology? 4 Cyber security is the new black 5 What sort of jobs do we have? 6 Technical Security Specialists 7 Security Software Developers 8 Cyber Analysts 10 Picture yourself in intelligence and security 12 The lowdown on the benefits 14 Working in Canberra 17 Stepping into a career in information security 18 Career Pathways 18 Thinking of applying? 20

3 Our adversaries are often well resourced, highly skilled and good at concealing themselves. Do you want to play the game no one else can? The Australian Government has the difficult job of protecting secret and sensitive information. Hackers can be well-resourced, highly skilled and good at hiding in cyber space. It s the classic story of the good guys versus the bad guys, and we need to win. This work is tough. We often work in the slim area between the difficult and the impossible. But it is also very rewarding, and really makes a difference to national security. Cyber operations in DSD are dedicated to ensuring our government can operate in cyber space with confidence. In DSD cyber operations, you ll be part of the Australian Government s defence against sophisticated foreign hackers. This is your chance to be at the forefront of our country s cyber security and make a real difference. 3

4 Interested in a career in information technology? Enjoy writing your own software? Spend your spare time gaming? Like building computer systems and networks? If you do, you should think about a career at the Defence Signals Directorate. We are leaders in IT security, defending networks against foreign hackers. We have the ultimate IT jobs and we work on projects that are highly technical, challenging and that aren t available anywhere else in Australia. Never heard of the Defence Signals Directorate? The Defence Signals Directorate (DSD for short) is part of the Department of Defence. So what exactly do we do? We have two roles: We gather foreign intelligence to assist the government. We help protect Australian Government information networks from foreign hackers. This is known as cyber security. Cyber security is the new black Cyber security is becoming more and more important. The Australian Government has declared it is one of Australia s top priorities for the future. What s so important about cyber security? The Internet just keeps on growing. People are using it for business, networking, gaming, banking, shopping the list goes on. The down side is that criminals and foreign hackers use the Internet to steal private or secret information for their benefit. Cyber security, IT security, information security it has many names but they all refer to the same thing: protecting electronic information stored on computers or travelling over the Internet, so that it is not seen by unauthorised people. But why do hackers want Australian Government information? The Australian Government has lots of information that is secret, sensitive or should only be seen by people who have permission. Be it important financial reports or intelligence information, hackers may want to get their hands on it to make money or manipulate the government. 5

5 Technical Security Specialists To people in the cyber security industry, it seems like we are in a battle that defenders are destined to lose, as the number of reported threats and compromises increases exponentially. We look at this differently. What sort of jobs do we have? Want to know more about what jobs you could get here? The following pages show the roles we are recruiting for as part of our cyber operations program. If you like the look of any of these jobs, check out page 19 for an idea of the tertiary subjects you might study to give you the best chance of getting one of them. Now more than ever, increased awareness of the cyber security problem presents us with opportunities to improve the security of government using innovative and effective techniques. In order to protect Australian systems from a persistent and increasing cyber threat, we need energetic and passionate information security specialists who want to use their knowledge of white and black hat techniques for good. If you are into implant detection, malware reverse engineering and vulnerability discovery, you ll love what we do. DSD is looking for people who are passionate about breaking and securing computer systems. You ll undertake technical investigations of serious and sophisticated cyber intrusions against Australian Government computer systems, conduct penetration testing of information systems, and use your knowledge of offensive and defensive techniques to protect Australian interests. We need good technical specialists who are willing and able to immerse themselves in the murky world of cyber security to help us stay ahead of hackers. 7

6 Tom, 23, had an interest in IT and maths at high school, and is now a DSD Security Software Developer Security Software Developers Cyber criminals are using increasingly sophisticated technology and using it to trap unsuspecting victims. Cyber security must become predictive rather than reactive to counter these intrusions. This has spurred a great deal of innovation and we are seeing more sophisticated operating systems, networks and security systems. Features such as ASLR, DEP, PatchGuard, mandatory driver signing, DNSSec, and many more, are changing the security landscape. DSD is looking for security-savvy software developers interested in low-level programming languages and operating system internals. You ll be able to design and build secure and robust software systems that are logical and based on sound design principles. You ll also have the skills or aptitude to reverse-engineer software, discover vulnerabilities that may be exploited by a hacker, and identify ways that systems can be defended. This is no ordinary software developer role. It merges software development and IT security in new and crafty ways, and involves complex networks and IT security fundamentals. You ll develop an understanding of the latest security features in IT systems and how to use them effectively. You ll have the opportunity to research new ideas and analyse the latest techniques used by both hackers and defenders. We need techies who can put themselves in the shoes of a hacker to understand how hackers exploit vulnerabilities and bypass security; and who can use that knowledge to put in place protection against such attacks. Towards the end of Year 12 I had no idea what to do next. I knew I wanted to go to university, but I didn t know which degree to choose. I had studied IT and advanced maths at school, and really enjoyed them, so applied to study a Bachelor of Software Engineering. In the final year of my degree, I put in an application to DSD s Cyber Operations program and was stoked to get an interview and the rest is history! I have now been working at DSD for six months and can t believe how much I have learnt. This place is so eye-opening, and the work everyone does makes a real difference to Australia s security. I get to work on some pretty funky technical projects and get to use the latest, coolest technology. It s also fun to work with other technical people who aren t in IT just for the money, but because they love the work. 9

7 In a game where our adversaries operate with no rules or Cyber Analysts The integrity and confidentiality of government information is imperative. The Australian Government needs to know about the threats it faces while doing business on Internet-connected systems. Providing intelligence on foreign threats to government networks is crucial to allow government agencies to mitigate those threats. DSD s cyber analysts are on the front line in the battle to defeat these cyber threats in real time. As a cyber analyst you ll discover and analyse intrusion activity, and from this develop and expand knowledge of the technologies and techniques used by sophisticated hackers. If you enjoy lateral thinking and thrive on finding unconventional solutions, this job could be for you. We need top guns with a good balance of technical and analytical skills to help us detect and analyse unknown threat vectors and monitor their ongoing activities and capabilities. You will be burrowing deep into networks to search for anomalies and security threats, which requires strong networking and internet security skills. You will manage risks and work effectively as a member of a team to deliver intelligence to protect Australia s interests. boundaries, you ll be exploring the unknown and inventing the seemingly impossible. 11

8 Picture yourself in intelligence and security Wondering why working at DSD is so cool? Working in intelligence and security is exciting. You will be able to work on top secret projects that you won t find anywhere else. You might think working in intelligence is about sneaking around wearing an overcoat and dark sunnies. But at DSD this is far from the truth! The work we do is secretive, but we do it in T-shirts and jeans, work in a fun team environment and enjoy socialising outside of work! This is highly relevant and important work stuff that really applies to the here and now. It takes a special type of person to work in the area of intelligence and security. If you are trustworthy, show integrity and are hard-working, you could be a good fit for an intelligence and security officer. How can we tell who is trustworthy? All successful applicants undergo a psychological assessment and security clearance to work at DSD. This process can take between a few months and a year, but makes sure we get the right people for our jobs. 13

9 The lowdown on the benefits Being an Australian Government employee is a good deal. Your salary will depend on your skill level and experience. As of 2011, starting salaries are between $57,929 and $79,555 per year, plus superannuation of 15%. And you won t be out of pocket when you make the move to Canberra, as DSD will pay your relocation costs if you are not already a Canberra resident. What you get: Four weeks of paid leave per year, as well as plenty of sick leave and carers leave if you need it. You can also purchase additional holiday leave on top of your four weeks if you wish. Two extra public holidays each year for living in Canberra, an extra day off because you are a Defence employee, and paid Christmas shutdown that doesn t use up your holiday leave. Free parking and free gym access. 15% superannuation and eligibility for Defence Health membership. The opportunity to further your qualifications in work time, through both nationally recognised training courses and paid tertiary qualifications. Participation in a performance agreement scheme, which guarantees salary increases when you perform your job well. The possibility of domestic or overseas travel for training and conferences. You ll have some of the world s most cutting-edge technology and high-powered computing resources at your fingertips resources not available in industry or anywhere else in Australia. 15

10 Working in Canberra You probably already have an idea of what Canberra is like. But there is more to Canberra than Parliament House, politicians, autumn leaves and roundabouts. It has all the benefits of living in a big city, but people here have a more chilled-out attitude. Canberra does not have the peak hour traffic or pollution of larger cities making it easier and quicker for you to get around. Canberra has something for everyone. There s no shortage of things to do outdoors with a large variety of social and competitive sports you can sign up to. For cyclists, there are over 400 kilometres of bike paths. Canberra is just two hours from the snowfields and two hours from the beach. Canberra airport is about to become international, which is great news for overseas travellers. And if shopping is your thing, there is the Canberra Centre in the heart of the city and numerous depot outlet stores. Canberra has plenty of restaurants covering cuisines from every corner of the globe, and plenty of pubs and clubs to chill out at on the weekends. 17

11 Stepping into a career in information security So, you have decided you want a career in IT and cyber security and think DSD might be a good option for you. Here s what to do to set you on the best path to a job with us. Choose your tertiary course At DSD, we don t mind where you study: as long as you finish your degree or qualification with the skills and experience we are after. Check out the page opposite for qualifications and skills we look for in an applicant. Try us out internships, cadetships and work experience You don t have to wait until you finish your tertiary study to get a taste of working at DSD. We offer internships and cadetships to university students studying in relevant fields. This gives you valuable experience in the workplace and allows you to get an idea of some of the unique projects you could be working on when you apply to work at DSD full time. Apply for DSD internships and cadetships online at In 2012 work experience placements may be available for students in secondary education. More information will be posted to our website in Apply for full-time work at DSD You can apply to DSD during the final year of your tertiary study, as this will allow time for the security clearance process to get underway. You can also apply any time after you finish your degree. Do you have relevant workplace experience but no qualifications? Don t stress. We also accept applicants who do not have tertiary qualification, but do have practical experience and aptitude. Career Pathways On the opposite page is some useful information on how to plan your tertiary courses to reach your goal of working for DSD. Technical Security Specialists If you have an You might study interest in Cyber security Breaking and securing computer systems Cyber forensics Black hat and white hat techniques Malware and rootkit detection Mathematics Programming low-level languages Information technology Computer science Software engineering Security Software Developers If you have an You might study interest in Low-level programming languages Operating system internals Designing and building software systems Reverse-engineering software Discovering vulnerabilities Computer security CYber Analysts If you have an interest in Identifying security flaws Networking Internet security Problem solving Software engineering Networking principles Programming in C/C++, assembly languages Operating systems internals Computer/information security You might study A broad range of subjects that develop analytical and research skills Types of projects you might get to work on Penetration testing Vulnerability testing and research Technical investigations Types of projects you might get to work on Researching security techniques Designing, building and deploying security software Types of projects you might get to work on Identifying intrusions and threats to networks Cyber security incident response Conducting forensics on computer systems Investigating unfamiliar or anomalous network activity 19

12 Thinking of applying? The fine print Due to the secretive nature of our work, there are a few boxes you need to check before you apply. To apply to work at DSD you must: be an Australian citizen have at least ten years checkable background undergo a security clearance. To apply or find out more information on DSD, go to Commonwealth of Australia 2011 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any persons without prior written permission from the Commonwealth. Requests and inquiries concerning reproduction and rights should be addressed to the Commonwealth Copyright Administration, Attorney General s Department, National Circuit, Barton ACT 2600 or posted at

13 Apply online