Share this Job

Data Analyst - Cyber Security

Date: 04-Jun-2021

Location: Canberra, AU

Company: Nominet




Our name may not be familiar, so here’s a bit about us. We’ve been running the UK’s national internet namespace for a quarter of a century, sitting proudly at the heart of the UK's critical digital infrastructure. Such a responsibility requires world-leading cyber security and we’ve gaining a reputation for our innovative new security solutions, protecting our own systems and beyond.

Nominet designs, builds and operates DNS solutions to protect digital economies at scale. Our Protective DNS Solution disrupts cyber-attacks, offering situational awareness and automated protection across essential public services, supply chains and infrastructure. We do this to enable connectivity, inclusivity, and security for our world - and create a vibrant digital future.




Competitive salary depending on experience, plus excellent benefits including a 10% bonus




As a Data  Analyst - Cyber Security, your primary role and responsibility will be to provide operational support and ensure ongoing performance and running of the Protective DNS (PDNS) service. This will involve monitoring DNS traffic using a variety of proprietary and open-source systems and tools. You will use your knowledge of DNS and cyber threat behaviour to detect suspicious events, suggest appropriate responses, and react proactively by reaching out to the Authority and/or end customers as appropriate.

But there’s a whole lot more to this role too.

  • Detect, analyse, explore, and present findings on cyber security threats discovered via PDNS.
  • Use open-source and proprietary tools to explore large quantities of DNS and network data to find anomalous behaviour that is indicative of cyber threats. 
  • Work closely with Nominet staff and customers to make PDNS technical changes in response to cyber security threats and DNS activity, for example, blocking malicious domains from resolving.
  • Provide clear insight into customer DNS data in the form of authored reports, delivering presentations, and producing data output to assist further analysis and customer outreach.
  • Proactively seek to identify possible false positives to minimise operational impact on PDNS customers.
  • Work with threat feed providers to improve the quality of their feeds to positively impact PDNS customers.
  • Support Customer Support teams to evaluate and action changes in response to customer requests, often with very strict SLAs.
  • Communicate strategically, describing technical and non-technical findings in a way to suit the audience.
  • Offer input to the design and development of Nominet’s DNS analysis tools.
  • Continually develop your and your team's knowledge of cyber security Tactics, Techniques, and Procedures (TTP) that are relevant to the running of a DNS resolver. 
  • Investigating and engaging with new trends, technologies and software in cyber



To be a great fit for our team, you’ll be a proactive individual who takes an interest in both Internet protocols and examining large datasets to find cyber security threats and trends. You’ll use analytical mind to seek out trends in data and examine these trends to proactively identify any threats or anomalies which may cause breaches in cyber security. Ideally, you will have a background within incident management as well as understanding of SOC procedures.

You’ll have a real interest and enthusiasm for working on real data that will make a difference to the security of internet infrastructure. You’ll bring fresh and exciting ideas to the role and have a very inquisitive and analytical mind. This analytical mindset will enable you to proactively look at system log files to uncover patterns or anomalies which may indicate security threats


In terms of the nitty-gritty...you’ll also have…


  • A good understanding of DNS.
  • Experience in working with Internet protocols and routing including UDP, TCP,  BGP, anycast
  • Established experience in the collection, organization, analysis, interpretation, and presentation of data.
  • Significant scripting or coding experience with an appropriate programming language such as Python.
  • Experience using the Linux command line to explore system logs, for example using grep, cut, sort, uniq.
  • Working knowledge of different database types and the ability to learn new data interfaces.
  • The ability to break-down, and methodically solve complex problems.



Job Segment: Database, Linux, Open Source, Technology