Cyber Security Analyst

Job Description

Who we are and what we offer:

Interested in shaping skylines across the globe?

Multiplex is a premier construction company with a simple purpose: to construct a better future. As part of our team, you'll have the opportunity to help deliver some of the world's most iconic projects, supported by approachable leadership and an inclusive culture that puts our people first.

Supporting the business, Multiplex has a Global IT division with colleagues located across Australia, UAE, UK, and Canada working to an operating model based on the principles of Design, Build, Run, and Enable.

It's an exciting time to join the IT team at Multiplex as we pursue our strategy to modernise the business through digital technology. Alongside our Digital Transformation team, we are working on initiatives to leverage data and technology to improve the operational efficiency of our business. The Global IT division is committed to providing certainty of service and technology solutions that just work, ensuring the business is built to outperform.

With 110+ colleagues in the Multiplex Global IT division, we have roles across the full IT lifecycle from designing IT solutions, delivering change projects, to the business-as-usual running of our IT infrastructure, all while ensuring we are safe, secure and compliant.

You will also have access to a range of holistic benefits including:

• Bonus schemes, annual remuneration reviews and salary continuance insurance.
• Health and Wellbeing programs, including annual voluntary skin and health checks.
• Benefits to support parents and families, including 20 weeks paid parental leave regardless of gender, payment of superannuation on unpaid leave, and transition coaching.
• Professional career development opportunities and a wealth of learning offerings through the Multiplex Learning Academy.
• An industry-leading approach to flexible work to enable better work-life balance.

Who we're looking for:

Our people are united by a common belief: that we can outperform in everything we do.

Reporting to the Global Cyber Security Manager, the Cyber Security Analyst will assist with implementing the cyber security strategy, architecture, and practices to address cybersecurity and digital business risks. Analysing the current environment and help the cyber function develop an appropriate cybersecurity framework to meet business and regulatory requirements, the Cyber Security Analyst works closely and consistently with a variety of stakeholders to ensure the framework is aligned with business goals.

Some of the key responsibilities include defining and managing privileged access, help develop security strategy plans and maintaining security architecture artifacts. Provide security planning advice, review, and update security procedures, conduct threat modelling, and perform security assessments. Additionally, you will monitor and advise on security tickets, security incidents, validate IT infrastructure, oversee change management for security rulesets, and conduct vendor security assessments.

The successful candidate will have strong communication skills to clearly explain complex security issues to both technical and non-technical stakeholders, as well as teamwork and collaboration abilities. Have strong analytical skills to identify patterns, anomalies, and potential threats from large volumes of data. Have familiarity with current cybersecurity trends such as Zero Trust, Extended Detection and Response (XDR), or AI-driven security analytics. Have had involvement in security awareness programs or training employees, which is increasingly important for reducing human risk factors. And will have experience being responsible for incident response coordination, investigation, and remediation, as well as staying current with threat intelligence to proactively defend against emerging threats.

This role may be located in Perth or Sydney australia.

To be successful in this role you will have:

• 2-4 years' experience in a similar role where you could hit the ground running in this position.
• Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.
• Knowledge of ISO27001, Sarbanes-Oxley Act, GDPR, Essential Eight, and Privacy Principles.
• Expertise in Ethical Hacking and NIST Cybersecurity Framework (CSF).
• Certifications such as ISC2's CISSP, ISACA's CISA, The Open Group's TOGAF, and SANS' GAIC.

In addition, you will have:

• Experience with architecture methodologies such as SABSA, Zachman, and TOGAF.
• Hands-on experience managing security infrastructure (firewalls, IPSs, WAFs, endpoint protection, SIEM, log management, Zscaler, Proofpoint).
• Proven experience in reviewing security vulnerabilities.
• Proficiency with vulnerability management toolsets.
• Strong knowledge of threat-modelling methodologies.
• Full-stack IT infrastructure knowledge (applications, databases, operating systems, hypervisors, IP networks, storage networks, backup networks).
• Strong understanding of IT service management (ITIL disciplines: change, configuration, asset, incident, problem management).
• Experience and understanding of how applications, services and infrastructure are deployed into public cloud services (AWS, Microsoft Azure).

A note on diversity:

Diversity is about celebrating the ways we are all different and appreciating the unique qualities that every employee brings. We invite applications from people of all genders, cultures and walks of life. Research shows that women and people from underrepresented groups are less like to apply for roles if they don't meet every qualification. So even if you don't match all the criteria - if you are passionate about helping to construct a better future, we'd love to hear from you.

We are committed to providing a barrier-free work environment and can support with reasonable adjustments at any stage of the recruitment process. Simply inform our Talent Acquisition team during your conversation with them.

#LI-JR1