Analyst - Security Operations Centre

Req ID:  64611
Department:  Tech Security Operations, Intel & Influence
Division:  Technology
Location:  Quezon City

 

At ANZ we're applying new ways technology and data can be harnessed as we work towards a common goal: to improve the financial wellbeing and sustainability of our millions of customers.  

 

Banking is changing, giving our people fascinating challenges to solve - helping them build their skills, while they build the ANZ of the future. 

 

About the Role

 

As an Analyst in our Security Operations Centre (SOC), you’ll play a key role in helping to identify and respond to Computer Security Incidents which have been identified within the ANZ environment. This role requires the individual to work as part of the Global Security Operations Centre and be able to action a series of steps to perform initial assessment, investigation and remediation and, where necessary, handle complex incident escalations coming from junior analysts.

 

The role will provide expertise and a strong technical focus on Security Incident Response and Management in day-to-day work. Because the incumbent has higher technical proficiency and expertise, he/she is expected to mentor Junior Security Analysts and should be able to handle escalations of complex security incidents. The successful candidate is also expected to monitor the health of the security tools and platforms to ensure availability of event source logging, other security controls and tools, and to coordinate with platform teams on issues that impact the Security Operations Centre’s Incident Response and Management. The successful candidate is expected to engage in research, develop innovative ways to identify and detect evolving threats, and work on initiatives to improve the bank's security posture. Lastly, the role requires that the individual work across scheduled rotating shifts to support delivery of a 24x7 service.

 

If reinventing the wheel is in your wheelhouse, you've found the right place.

 

Role Location: MDC 100 Building, Eastwood, Libis, Quezon City

Role Type: Permanent, Full-time

Shift Schedule: Must be willing to work on a 24x7 shifting schedule

 

What will your day look like?

 

As an Analyst, you will also be responsible for the following:

 

  • Ensure ANZ staff are satisfied with the security services provided by the Security Operations Centre (Level 1) function
  • Conduct continuous improvement initiatives to uplift and mature the Security Operations Centre (Level 1) function
  • Identify and propose amendments to any playbook work instructions or processes which need to be amended for optimisation or regulatory requirements
  • On-going development and maintenance of rulesets in the various security toolsets operating within ANZ
  • Support the infrastructure and availability of the SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event sources are logging appropriately
  • Participate in cross-training skills & ensure no critical/key person risks with regards to responding to security incidents, following in-house security incident response procedures or operating any of the security toolsets that are used within the SOC
  • Investigate major security compromises end-to-end and coordinate a cohesive response involving multiple teams across ANZ
  • Perform hunting for unknown cyber threats using profiling techniques to find unusual or anomalous activity which has not been detected by vendor signatures
  • Mentor junior analysts to continuously build the capability of the team

 

What will you bring?

 

To grow and be successful in this role, you will ideally bring the following:

 

  • Proven years of experience working in Threat Hunting, Security Operations, Incident Response or Threat Intelligence.
  • Experience in responding to Security Incidents or Major Security Incidents by performing host-based and network forensics as well as investigation of security appliance and application logs to determine what activities an attacker has performed in order to: (1) ensure the attacker is successfully removed from the network and (2) provide an understanding of exposure to senior executives where it is required
  • Intermediate understanding of best practices in network security, security operations, systems security, policy, and incident response
  • Intermediate technical understanding of application security, infrastructure security, digital forensics, malware analysis, or some combination
  • Intermediate understanding of security vulnerabilities, attacker exploit techniques, and methods for their remediation
  • Knowledge of general Cyber/Information Security concepts, particularly security in the cloud
  • Basic to Intermediate scripting skills (e.g., Python, C, C++, Java, Ruby, or PowerShell)

 

You’re not expected to have 100% of these skills. At ANZ a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we’d love to hear from you.

 

So why join us?

 

ANZ provides banking and financial services and operates across more than 30 markets. We are among the top 4 banks in Australia, the largest banking group in New Zealand and Pacific, and among the top 50 banks in the world. With more than 2,000 people, our team in Manila plays a critical role in executing our strategy and delivering what matters most to our customers and the bank. We continue to grow our professional services capabilities to support our customers around the world. Our expertise and services make us a bank, and our people, purpose, and culture make us ANZ. We’re proud of the inclusive culture we’re renowned for where 90% of our people feel they belong.

 

We provide our people with a range of benefits including access to health and wellbeing services.  We also have flexible working options so that our people can “make work, work for them”.

 

We welcome applications from everyone and encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability, let us know how we can provide you with additional support.

 

To find out more about working at ANZ visit https://www.anz.com/careers/. You can apply for this role by visiting ANZ Careers and searching for reference number 64611.

 

Posting will end on 17 May 2024
