Cyber Operations Security Analyst

Dynamic Cyber Operations Security Analyst & 2 (Permanent Position)

Based at the Melbourne CBD campus (Hybrid role), and Flexible Working Arrangements.

Work hands-on technical and investigative capability, assisting in the protection of RMIT's people, data, and systems.

The Operations Portfolio enables integrated, enterprise-wide delivery for best practice student and staff experience.

The Portfolio incorporates the following business units : Legal Services, Enabling Services Reform, Enterprise Projects and Business Performance, Data and Analytics, Finance, Procurement, Information and Technology Services, Health, Safety and Risk, Property Services and the Office of the Chief Operating Officer.

The Portfolio houses key delivery functions across the staff and student journeys and enables overall experience for both groups.

It is integral in bringing the RMIT strategy to life across the globe.

Each of these functions supports the University's global operations directly and through its controlled entities.

Information and Technology Services provides RMIT with current and emerging technology systems and services.

Our vision of unleashing technologies to enable great experiences for RMIT communities drives a proactive and leading-edge technology ecosystem that supports the University's commitment to lifelong learning.

Join RMIT's Cybersecurity Operations team and take a hands-on role in real-world security incidents across SIEM, DLP, vulnerability management, and data protection initiatives where your skills make a real impact.

In this role, you'll help protect RMIT's community by actively investigating and responding to cyber threats across enterprise and cloud platforms, supporting a safer digital future for education and research.

• Triage and investigate alerts from our SIEM and EDR platforms.
• Manage incidents escalated from Tier 1 SOC analysts, performing deeper technical investigation and coordination with relevant teams.
• Classify and document incidents following the RMIT CISO Incident Response Framework (aligned to NIST SP ).
• Support forensic evidence collection, log analysis, and containment actions as required.

• Review and investigate incidents generated by DLP, Information Protection Labels, and Data Governance policies.
• Conduct triage of DMARC, spoofing, and phishing-related events, coordinating with the other teams.
• Identify and recommend improvements to Microsoft Purview policies and governance configurations.

• Monitor vulnerability reports.
• Track remediation activities and patch compliance across infrastructure and endpoint environments.

• Assist with maintenance of SIEM and SOAR data connectors, detection logic, and automation workflows.
• Contribute to building detection use cases, dashboards, and playbooks.
• Participate in testing and validating new integrations or security technologies before production rollout.

• Support post-incident reviews, root-cause analysis, and lessons-learned documentation.
• Contribute to knowledge base and playbook updates.
• Participate in tabletop exercises and security awareness initiatives.
• Engage collaboratively with service owners, risk and governance teams, and the broader ITS community.

Please submit your CV and cover letter addressing your suitability for this position by clicking on the "Apply" link below.

For further information about this position, please see the Position Description below.

When you join our team, you'll be able to access a range of benefits : .

From travel to fitness, there is something for everyone.

Applications Close

17 Jan pm

RMIT is an equal-opportunity employer committed to be a child safe organisation.

We are dedicated to attracting, retaining and developing our people regardless of gender identity, ethnicity, sexual orientation, disability and age.

Applications are encouraged from all sectors of the community and we strongly encourage applications from the Aboriginal and / or Torres Strait Islander community.

At RMIT, we are committed to supporting adjustments throughout the recruitment and selection process, as well as during employment.

We actively support and encourage people with disability to apply to RMIT (including alternate formats of application forms).

To discuss adjustment requirements, please contact Dani, via or visit our Careers page for more contact information - .

We are a Circle Back Initiative Employer – we commit to respond to every applicant.