Share this Job

DNS Security Operations Analyst

Date: 04-Jun-2021

Location: Canberra, AU

Company: Nominet



Our name may not be familiar, so here’s a bit about us. We’ve been running the UK’s national internet namespace for a quarter of a century, sitting proudly at the heart of the UK's critical digital infrastructure. Such a responsibility requires world-leading cyber security and we’ve gaining a reputation for our innovative new security solutions, protecting our own systems and beyond.


Nominet designs, builds and operates DNS solutions to protect digital economies at scale. Our Protective DNS Solution disrupts cyber-attacks, offering situational awareness and automated protection across essential public services, supply chains and infrastructure. We do this to enable connectivity, inclusivity, and security for our world - and create a vibrant digital future.


That is what drives us - and the kind of people we want to work with.




Competitive salary depending on experience, plus excellent benefits including a 10% bonus


As a DNS Security Operations Analyst your primary role and responsibility will be to provide operational support and ensure ongoing performance and running of the Protective DNS (PDNS) service. This will involve monitoring DNS traffic using a variety of proprietary and open-source systems and tools. You will use your knowledge of DNS and cyber threat behaviour to detect suspicious events, suggest appropriate responses, and react proactively by reaching out to the Authority and/or end customers as appropriate.

But there’s a whole lot more to this role too.

•    Detect, analyse, explore, and present findings on cyber security threats discovered via PDNS.
•    Use open-source and proprietary tools to explore large quantities of DNS and network data to find anomalous behaviour that is indicative of cyber threats. 
•    Work closely with Nominet staff and customers to make PDNS technical changes in response to cyber security threats and DNS activity, for example, blocking malicious domains from resolving.
•    Provide clear insight into customer DNS data in the form of authored reports, delivering presentations, and producing data output to assist further analysis and customer outreach.
•    Proactively seek to identify possible false positives to minimise operational impact on PDNS customers.
•    Work with threat feed providers to improve the quality of their feeds to positively impact PDNS customers.
•    Support Customer Support teams to evaluate and action changes in response to customer requests, often with very strict SLAs.
•    Communicate strategically, describing technical and non-technical findings in a way to suit the audience.
•    Offer input to the design and development of Nominet’s DNS analysis tools.
•    Continually develop your and your team's knowledge of cyber security Tactics, Techniques, and Procedures (TTP) that are relevant to the running of a DNS resolver. 
•    Investigating and engaging with new trends, technologies and software in cyber


To be a great fit for our team, you’ll be a proactive individual who takes an interest in both Internet protocols and examining large datasets to find cyber security threats and trends. You’ll use your excellent communication skills to translate deeply technical DNS and security behaviour into language and actionable insights that customers can understand. You’ll have a real interest and enthusiasm for working on real data that will make a difference to the security of internet infrastructure. You’ll bring fresh and exciting ideas to the role and have a very inquisitive and analytical mind.

In terms of the nitty-gritty...you’ll also have…

•    A deep understanding of authoritative and recursive DNS.
•    Experience in working with Internet protocols and routing including UDP, TCP, IPv4, IPv6, BGP, anycast, HTTP.
•    Demonstrated knowledge of the cybersecurity landscape, including emerging risks and security solutions.
•    Established experience in the collection, organization, analysis, interpretation, and presentation of data.
•    Significant scripting or coding experience with an appropriate programming language such as Python.
•    Experience using the Linux command line to explore system logs, for example using grep, cut, sort, uniq.
•    Working knowledge of different database types and the ability to learn new data interfaces.
•    Ideally a contributor to open-source projects or the author of security tools.
•    The ability to break-down, and methodically solve complex problems.


We’ve kept our recruitment process concise and slick, much like how we operate our business, and the recruitment team welcomes your contact throughout the process. We’re human beings and we want to help you through this, because applying for jobs can be gruelling. Find out more about us here https://www.nominet.uk/careers/

Job Segment: Database, Linux, Open Source, Technology