About Laing O’Rourke

Laing O’Rourke is a $6 billion international operation with over 50 years of involvement in Australian construction and infrastructure including more than a decade under the Laing O’Rourke banner. We are currently delivering some of Australia’s most exciting projects across the transport, building construction, defence, airports, mining, civil and social infrastructure sectors. Laing O’Rourke is committed to becoming the recognised leader for innovation and excellence in the construction industry. Laing O’Rourke is proud to hold the Workplace Gender Equality Agency (WGEA) Citation - Employer of Choice for Gender Equality.

About the role

As a Security Analyst within the Information Technology Security Team, you will be responsible for the active monitoring and analysis of security events raised from various security platforms. You will provide initial security event diagnosis and assessments, remediation and escalate findings appropriately.

Key responsibilities

• Incident Management – management of security incidents including monitoring and manage all local security breaches and handling of root cause analysis and impact, taking appropriate action to prevent recurrence wherever possible.
• Review and monitor information technology security control environment, ensuring that all risks have been identified, prioritised and remediation activities planned and executed. This includes but is not limited to:
  • Action incidents from the external SOC
  • Patch Management
  • Review and action incidents with the Azure Security portal
  • Endpoint Protection Management
  • Perimeter Access Controls
  • Security assessment and penetration test findings
  • Privileged access reviews
  • Compliance to relevant standards and certifications

• Applying current Incident Response playbooks
• Improving security controls to ensure that our services remain protected and available for all business units.
• Ensure standards and guidelines are continuously evolving to consider new and emerging cyber security risks, new technologies and regulatory requirements.
• Providing input into the planning, design and implementation of the overall IT Security and Risk management process and strategy.
• Ensuring that appropriate documentation and processes are utilised to record configuration and system information as per defined controls and procedures.
• As part of this role you will interact with the UK-based IT Security Team and managed SOC, technical specialists and senior management.
• Provide input into the development of the cyber security awareness capability across all business units.
• Conducting security assessments of potential new technologies and platforms for use by the business and IT.

About you

• Possess strong security analytical skills
• Experience in a SOC, Incident Response or Forensic Investigation would be highly regarded
• Experience with SIEM technologies such as Splunk/Sentinel would be highly regarded
• Experience with cloud security technologies such as Microsoft Azure/Office 365 security stack would be highly regarded
• Experience with Endpoint AV and EDR, vulnerability management, web proxy, UTM
• Experience with Information Security testing and requirements gathering
• A strong awareness of effective security operations and monitoring
• Demonstrable experience of troubleshooting and handling of security incidents in a complex enterprise environment with multiple stakeholders
• Ability to research problems and identify solutions
• Minimum of two years’ experience in a security operations environment
• Experience with management of network security infrastructure
• Strong understanding of security principles and best practice
• A degree in Information Technology (or similar) and/or Industry Security Certification (Security+, CEH) will be highly regarded
• Must have strong communication skills (oral and written) and be an effective technical consultant with other technical, decision support and business teams.

This is an exciting role that would ideally suit a dynamic, experienced IT professional that has come from a security role and is seeking to join a world leader in Engineering and Construction.

Benefits

We work hard to create an environment that brings out the best in our people. We believe in building careers through providing a safe, connected and innovative culture that supports ongoing growth and development. We offer industry-leading benefits such as specialised learning and development programs, a mental health and wellbeing program, industry leading paid parental leave policy, family friendly work practices, additional purchased leave option and coaching programs for staff on parental leave.

Diversity & Inclusion

We are committed to building a workforce that reflects the diverse society in which we live and work. We recognise the increasing importance of flexible work arrangements and family friendly work practices to enable and maintain a diverse, adaptive and high performing workforce.

As a proud RAP organisation, Laing O'Rourke is committed to achieving a diverse workforce and strongly encourages applications from Aboriginal and Torres Strait Islanders and people from culturally diverse backgrounds. Download our Innovate Reconciliation Action Plan at www.laingorourke.com

Applications from recruitment agencies will not be considered.