Cyber Defence Analyst - Security Operations Centre

Req ID:  14117
Department:  SOII - Philippines (PH7929772)
Division:  Group Technology (T77000)
Job Family:  Banking / Core (default)
Location:  Quezon City

About the role


  • Be exposed to different stakeholders
  • Work with a team that values collaboration and innovation
  • Join an organisation that supports diversity and equal opportunity employment


Role Location: 30f MDC 100 Building Eastwood City

Shift Schedule: Candidates should be open to 24x7 schedules



The Cyber Defence Analyst - Security Operations Centre is responsible for identifying and responding to Computer Security Incidents which have been identified within the ANZ environment. This role requires the individual to work as part of the Global Security Operations Centre and to action a series of steps to perform initial assessment or, where necessary, develop new steps and escalate these incidents for resolution and remediation.


This role is responsible for providing experienced and educated subject matter expertise on the response to and handling of security incidents, and for mentoring other IT Security Analysts (Level 1). This role is responsible for supporting the infrastructure and availability of the ArcSight SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event sources are logging appropriately. It is expected that the individual in this role will also actively research and develop new ways to detect incidents and be aware of the general Internet security posture. This role requires that the individual work across rotating shifts to support delivery of a 24x7 service.

The role's responsibilities also include, but are not limited to:


  • Manage operational costs to achieve agreed financial targets for the Computer Security Incident Response Team (CSIRT) function.
  • Actively monitor and protect ANZ's environment.
  • Ensure ANZ staff are satisfied with the security services provided by the Security Operations Centre (Level 1) function.
  • Provide subject matter expertise to investigate and respond to security incidents and actively protect the environment.
  • Mentor other members of the Security Operations Centre (Level 1) team.
  • Conduct continuous improvement initiatives to uplift and mature the Security Operations Centre (Level 1) function.
  • Handle computer security related incidents occurring at ANZ, with specific focus on incidents originating from within the ANZ network and impacting or threatening other ANZ internal systems, or threats which are identified outside of the ANZ environment and specifically targeting ANZ.
  • Identify and propose amendments to any playbook work instructions or processes which need to be amended for optimisation or regulatory requirements.
  • On-going development and maintenance of rulesets in the various security toolsets operating within ANZ.
  • Support the infrastructure and availability of the ArcSight SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event sources are logging appropriately.
  • Participate in cross-training skills & ensure no critical/key person risks with regards to responding to security incidents, following in-house security incident response procedures or operating any of the security toolsets that are used within the GSOC.
  • Contribute to the professional capability and skilling of the team.

Your experience


  • Knowledge of technical security controls and technology risk management (e.g. ITIL, ISO27001).
  • Thorough understanding of security technologies which are deployed in large ‘Tier 1’ organisations
  • Demonstrated experience supporting critical infrastructure running on Unix and Windows.
  • Knowledge of industry security standards and security threats
  • Detailed security knowledge including technologies such as Malware, Network Intrusion Prevention, Security Information Event Management systems.
  • Experience with relational database systems and health monitoring

About ANZ


At ANZ, everything we do boils down to ‘why’ – our purpose – to shape a world where people and communities thrive. We're just as focused on seeing our people thrive as our customers. We'll give you every opportunity to develop your career.


We are responding faster to changing customer requirements, focusing on the things that matter the most, energising our people, eliminating waste and reducing bureaucracy.


A happy workplace is a thriving one. So in order to attract and keep the best talent, and say thanks for the hard work, we make sure all our employees are rewarded.


We work flexibly at ANZ and encourage you to talk to us about how this role can be flexible for you and any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability, let us know how we can provide you with additional support.


To find out more about working at ANZ or to view other opportunities visit

Job Posting End Date

11.59pm (Melbourne Australia)