Position Description: NZIC SIEM Analyst




Business unit: Information Technology Security team
Responsible to: SIEM Team Leader
Position purpose: The Security Information and Event Management (SIEM) Analyst analyses enterprise log data for anomalous behaviour to determine security threats to the business. This role requires a high level of trust, personal integrity and discretion.
Direct reports: Nil
Financial delegation: Nil
Remuneration indicator: $55,345 - $69,181
Date evaluated: 25/2/15

GCSB mission and values

Our mission
Protecting and Enhancing New Zealand's Security and Wellbeing.

Our values
Respect, Commitment, Integrity, Courage.

Functional relationships

External contacts:
- New Zealand Intelligence Community
- 5Eyes International Partners

Internal contacts:
- All staff and Managers of the GCSB to understand business practices
- IT support to aid in log collection
- External government agencies as required
- Personnel Security to assist in investigations

Objectives

The position of SIEM Analyst encompasses the following major functions or objectives:

The role must understand the business environment, correlate seemingly disparate events, comply with national and international guidelines and standards, liaise with personnel security and international counterparts, and provide regular reports and security recommendations.

The role is responsible for: log analysis, enterprise monitoring for anomalous behaviour, providing evidence to aid investigations, report writing, providing security requirements and responding to security incidents.

The requirements in the above objectives are broadly identified below:

Jobholder is accountable for / Jobholder is successful when:

Monitoring, Analysis and Reporting
- Ensure compliance with internal, national and international standards and guidelines
- Examine and analyse large amounts of data to discover threats to security
- Write solution oriented reports that are focussed on problems and clearly outline solutions to these problems.
- Security metrics and measures are defined and reported to relevant stakeholders.
- Monitors and interprets events, initial analysis or triage of events
- Conducts specialised analysis when triggered by a monitored event request
- Reports and recommended responses - intel reporting
- Work with counterparts to further investigate efforts
- Trend analysis
- Identify capability building requirements
- Profile analysis for use cases
- Embrace and implement directed change
- Identify areas for process improvements

Managing Relationships
- Building business partnerships across the NZIC
- Management of day to day relationships within the SIEM team, Personnel Security and IT support units
- As and when required, liaise with NZIC & international partners, including contribution to working groups

Precise performance measures for this position will be developed in discussion between the jobholder and manager as part of the performance development and review process. It is also expected that you will undertake other duties that can reasonably be regarded as relevant to the position, your experience and capability.

Person specification

Qualifications (Essential / Desirable):
- Tertiary level qualification (Bachelor level) or equivalent experience in Information Technology, Computer Science or equivalent, with an emphasis on information security.
- At least one year experience in IT Security
- Experience with log analysis tools
- Operating System Certification: MCITP, MCSE, RHCSA, etc.
- IT Security Certification: CISSP, CSSP, GIAC, etc.

Knowledge/experience (Essential / Desirable):
- Experience in writing analytical reports
- Proven analytical experience with auditing and log analysis
- Embrace and implement directed change
- Proven team leadership skills
- Identify areas for process improvement
- Must hold New Zealand citizenship
- Must be suitable to be granted and retain a high level of security clearance
- Must be prepared to undertake both national and international travel

Personal attributes

- Results oriented with a demonstrable commitment to perform.
- Thinks critically and logically.
- Excellent communication and interpersonal skills.
- The ability to be self-motivated, flexible and a team player.
- An ability and desire to learn new and sometimes complex skills.
- Demonstrate sound judgment, tact and integrity in dealing with sensitive issues.
- Excellent organisational skills and the ability to prioritise and work to deadlines.
- Displays initiative and self-confidence.
- The resilience to operate under pressure and correctly identify and assess risk, and make justifiable operational decisions.

Core competencies

Core competencies are based on and consistent with our values. They describe qualities that are common requirements for all GCSB staff at differing levels in the organisation, irrespective of their specialist skills or the particular requirements of their job. They are complemented by specialist competencies, which (where applicable) are set out in individual performance agreements.

All employees are measured against the following core competencies as part of performance development and review:
- Security
- Teamwork and leadership
- Results focus
- Communication and knowledge sharing
- Professionalism
- Innovation
- Customer focus

Changes to position description

Positions in the GCSB may change over time as the organisation develops. Therefore we are committed to maintaining a flexible organisation structure that best enables us to meet changing market and customer needs. Responsibilities for this position may change over time as the job evolves. Such change may be initiated as necessary by the manager of this position. This position description may be reviewed as part of planning for the annual performance cycle.

Health and safety

GCSB is committed to providing a healthy and safe work environment and management practices for all employees. Employees are expected to share this commitment as outlined in the Health and Safety in Employment Act by taking all practicable steps to ensure:
a. The employee's safety while at work; and
b. That no action or inaction of the employee while at work causes harm to any other person.

Knowledge management

Employees are responsible for ensuring that all business records created are accessible and stored in the correct manner according to GCSB record keeping policy, standards, and procedures.

Employee:                Date:
Manager:                 Date: