Security Analyst

WiseTech Global is a world-leading software company building software for the global logistics industry. We are united in our mission to create breakthrough products that enable and empower those who own and operate the supply chains of the world. Our software products are relied upon by the top 25 freight-forwarding companies globally as well as over 18, other logistics businesses.

We’re an Engineer lead company, with a focus on building secure, scalable products. It goes without saying that protecting the data of the world’s largest freight forwarders is critical to the function of the international supply chain, so as a Security Analyst, you will be crucial to the protection and defence of thousands of users globally.

Key Responsibilities

Investigate security incidents and breaches to identify root causes and recommend improvements.
Engage in testing and monitoring the performance of systems and services, making sure that security requirements are met.
Maintain strong working relationships, work collaboratively, and share ideas, knowledge and experience with team members as required.
Assist in continuously updating the company’s security incident, data breach response and disaster recovery plans.
Undertake threat detection practices.
Undertake security hardening support practices with teams.
Vulnerability management to analyse findings from vulnerability reports, assist with risk assessments on the vulnerabilities and coordinate remediation and patching activities with system owners.
Taking on a wide variety of security operations tasks on an as needed basis.

Demonstrated Experience & Attributes

Working knowledge of security frameworks, policies and standards such as ISO, PCI DSS, Essential Eight, NIST CSF, and MITRE ATT&CK and applying them into operational context.
Experience with cloud-based services and technologies.
Ability to detect and defend against commonly-used attack tactics, techniques and procedures (TTPs) against known attack surfaces such as identity, email, endpoint, network and cloud.
Passionate about growth and learning. You are continuously finding ways to grow your skills through self-study, technical projects, CTFs and engagement in technical forums.
A background prior to security in IT support/infrastructure would be advantageous (e.g. servers, networking protocols, security controls, O/Azure).
First-hand experience with SIEM platforms, enterprise intrusion prevention systems, endpoint detection and response tools, and other security products.
Able to communicate effectively in verbal and written format with technical and non-technical audiences.
Ability to effectively plan, schedule and adapt to changing priorities, tasks and requirements to meet deadlines.
Ability to work under pressure and at times with limited supervision.
Relevant certification such as CISSP, CCNA, CompTIA Security+, will be highly regarded.