Incident Response Manager

• You are a problem solver with a strong technical background in Incident Responds (IR) and or Security Operations Centre (SOC).

• We are one of the largest Cyber Security Practices in the Southern Hemisphere.

• Together we can contribute to protecting the Group, Customers and Community.

Do work that matters:

We're building tomorrow’s bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australia’s future economy.

CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.

See yourself in our team:  

The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers.

The mission of the Group’s Cyber Detection and Response team is to provide a high-performing, reliable, and sustainable assurances to detect, contain, and remediate attacks from cyber threats against the Group’s digital ecosystem.

As the Incident Response Manager, you be part of a highly skilled and experienced team of specialists across the organisations wider Cyber Attack Response Team. You will be a hands on technical subject matter expert (SME) leading and managing major and critical incident and initiatives.

While having no direct reports you will be guiding and mentoring Incident Responders across your crew and consulting key stakholders on technical and functional solutions and initiatives.

Your impact and contribution:

• Analyse data and logs to establish context and scope the full attack path of cyber-attacks in a methodical, accurate and descriptive manner.

• Command high priority incidents, including the driving of technical tasks to team members, development of remediation planning, working with the business on implementing the remediation plan through to the full recovery of systems impacted.

• Maintain incident response documentation, lead post incident review activities, and write incident reports.

• Partake in an “on-call” roster where required to ensure out-of-hours incident response coverage.

• Demonstrate thought leadership in the enhancement of incident response capabilities, including the running of brown bags and liaison with other teams.

• Participate in threat hunt and purple team activities to identify areas for improvement.

• Manage a variety of projects and initiatives

We’re interested in hearing from people who are: 

You will bring:

• Proficient and highly experience in Incident Response (IR) or Security Operations Centre (SOC) essential.

• Highly technical across a broad set of systems and infrastructure.

• Able to articulate technical concepts while catering to different audiences is essential.

• Able to deal with pressure and be adaptive to change during major incidents.

• Proficient in Splunk or similar SIEM technologies.

• Expertise with malware analysis, intrusion detection, coding/scripting and other incident response specialisations essential.

If this role is of interested to you, please apply directly or reach out to have a confidential discussion in more detail.

Advertising End Date: 26/10/2024