Incident Response
7 months ago
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us.
Incident Management is part of the Response and Recovery, whose aim is to respond to an incident in the manner that will reduce the impact and risk to the organization as much as possible. The Incident Manager will be required to take charge of Information Security events and incidents as they occur, and to co-ordinate and work collaboratively with colleagues across the business through to resolution.
**Responsibilities**:
- Establish oversight of information security events and incidents and communicate analysis, containment and remediation efforts to all business partners.
- Incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation are expected to be escalated in a timely manner, including all appropriate information in relation to risk and action times.
- The Incident Manager will be expected to provide status updates and post-incident reports for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.
- Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents
- The incident manager will be part of a global 24/7 rotation and there is a requirement to work 8-10 weekends per year on an on-call basis as a primary contact and 8-10 weekends as a secondary contact. There will also be a requirement to cover the majority of US holidays.
- Perform real-time analysis and trending of security log data from various security devices and systems.
- Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
- Respond to user incident reports and evaluate the type and severity of security events.
- Execute initial triage of incidents to rule out false positives.
- Identify recurring security issues and risks, develop mitigation plans and recommend process improvements.
- Establish escalation processes for security incidents and develop contingency plans and disaster recovery procedures.
**Skills**:
- Proven experience handling Information Security related events and incidents
- Experience in an operations focused role with an emphasis on incident response
- Demonstrable experience in the coordination of containment activities related to cyber security incidents
- Familiarity with security vulnerabilities, exploits and APT tools, techniques and procedures
- Familiarity with network security vulnerabilities, exploits, malware and digital forensics desirable
- An excellent communicator who can adapt to their audience
- Decisive and able to make difficult decisions in what can be a high-pressure environment
- Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results
- Able to handle multiple competing priorities in a fast-paced environment and take action without causing an undue delay
- Supportive and can work well as part of a team as well as independently
- Ability to remain calm under pressure
- Ability to work in a strong team-orientated environment with a sense of urgency and resilience
- Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks whilst remaining risk and objective focused
-
Incident Response Lead
2 months ago
Sydney, Australia Brennan IT Full time **Why work for Brennan?** At Brennan, we aim to lead, not follow. One of the ways we do this is through an open diverse culture that values performance, where anyone in the team can bring new ideas to the table and see them thrive. Our people are empowered, unique, considerate, supportive, trusting, and accepting being the cornerstone of the business....
-
Incident Response Strategist
3 weeks ago
Sydney, New South Wales, Australia NCC Group Full time The Opportunity: As a Principal Cyber Incident Response Consultant at NCC Group, you will be part of a well-established team that collaborates with various divisions within our business. You will work closely with the Cyber Incident Response Team, Threat Intelligence teams, Security Operations Centre teams, and our esteemed Red Team. Key...
-
Incident Response Manager
3 months ago
Sydney, Australia Commonwealth Bank Full time **_You are_** _a problem solver with a strong technical background in Incident Response (IR) and/or Security Operations Centre (SOC)._ - **_We are_** _one of the largest Cyber Security Practices in the Southern Hemisphere._ - **_Together we can_** _contribute to protecting the Group, Customers and Community._ **Do work that matters**: We're building...
-
Principal Consultant
6 months ago
Sydney, Australia Palo Alto Networks Full time Company Description **Our Mission** At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are...
-
Senior Incident Response Specialist
4 weeks ago
Sydney, New South Wales, Australia Arctic Wolf Full time About the Role: Arctic Wolf, a leading provider of security operations in the rapidly growing cybersecurity industry, seeks an experienced and skilled Senior Incident Response Specialist to join its esteemed team. This role presents an exceptional opportunity for individuals with a strong background in IT and a desire to transition into digital forensics. The...
-
Dynamic Incident Response Leader
4 weeks ago
Sydney, New South Wales, Australia Dynatrace Full time We are seeking an experienced Incident Commander to lead our incident management team in ensuring best-in-class reliability and shaping incident response for our customers. Key Responsibilities: Incident Coordination: Manage high-severity incidents, leading temporary response teams to ensure timely resolution and minimal business impact. Analysis and...
-
Critical Incident Response Lead
4 weeks ago
Sydney, New South Wales, Australia Dynatrace Full time System Reliability and Resilience Engineer At Dynatrace, we're shaping the future of software intelligence and performance monitoring. We're seeking an exceptional System Reliability and Resilience Engineer to join our team as a Critical Incident Response Lead. This is a critical role where you'll lead incident response efforts, ensuring timely resolution and...
-
Cyber Incident Response Manager
2 months ago
Sydney, Australia The Decipher Bureau Full time The Company Join an ASX-listed organisation that has one of Australia’s largest cybersecurity practices, which are expanding their new cyber defence team. Following the recent high-profile incidents in Australia, this organisation has taken a proactive approach, identifying the need to build a new cloud security capability. Just 18 months later, this...
-
North Sydney, Australia Amazon Support Services Pty Ltd Full time AWS Incident Response is at the heart of high availability of Amazon Web Services. We make customer impacting events shorter and less frequent by providing large scale event and incident management. Our automated tooling quickly identifies the cause of an issue and helps mitigate its impact, and much of our engineer time is spent on projects to improve the...
-
Cybersecurity Incident Response Specialist
4 weeks ago
Sydney, New South Wales, Australia Arctic Wolf Full time Arctic Wolf is a leader in security operations in the exciting and fast-growing industry of cybersecurity. Our mission is simple: End Cyber Risk. We're looking for an experienced Cybersecurity Incident Response Specialist to join our team. About the Role: We are actively seeking highly experienced and technical Sr. Engineers for our Incident Response Team....
-
Digital Forensics
6 months ago
Sydney, Australia Sustainability Consulting Full time Permanent Position / up to $150k inc sup *Salary Negotiable - WFH Remote in Australia (Sydney Preference) - Fantastic Culture + Career Development Opportunities Join one of Australia’s leading cybersecurity providers driving real innovation in cybersecurity and incident response. An exciting time to join an organisation going through expansive growth and...
-
Digital Forensics
6 months ago
Sydney, Australia Decipher Bureau Full time Remote WFH Australia-wide / HQ in Sydney - Permanent Position: Up to $200k + super (negotiable) - Access to the best training & development for career growth **Company**: We're partnering with a renowned global information security specialist expanding its presence in Australia. With a strong research focus and established nationwide offices, this...
-
Cybersecurity Incident Response Specialist
3 weeks ago
Sydney, New South Wales, Australia Arctic Wolf Full time At Arctic Wolf, we're committed to delivering exceptional customer experiences and exceeding industry standards in cybersecurity operations. We're seeking a highly experienced Cybersecurity Incident Response Specialist to join our team. As a key member of our incident response team, you'll play a vital role in helping our clients respond to and recover from...
-
Cloud Incident Response Manager
4 months ago
Sydney, Australia Commonwealth Bank of Australia Full time Cloud Incident Response Manager - Azure - **You are** a problem solver with technical experience in cloud security, specialising across Azure services and solutions. - **We are** one of the largest Cyber Security teams in the southern hemisphere. - **Together we** will build tomorrow's bank today, using world-leading engineering, technology, and...
-
Incident Response Engagement Manager
6 months ago
Sydney, Australia Arctic Wolf Full time Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience. Our mission is simple: End Cyber Risk. We’re looking for a ...
-
Senior Incident Response Expert
4 weeks ago
Sydney, New South Wales, Australia Arctic Wolf Full time About the Role We are seeking a highly skilled Senior Incident Response Expert to join our team at Arctic Wolf. This individual will play a critical role in helping our clients respond to and recover from cyberattacks.
-
Sydney, New South Wales, Australia Cisco Full time Cisco is seeking a skilled Incident Commander to join our Threat Management Response team. As an Incident Commander, you will play a critical role in ensuring the security and integrity of our systems and data. Job Summary We are looking for a highly motivated and experienced Incident Commander to lead our response efforts in the event of a security incident....
-
Security Engineer, Incident Response
1 month ago
Sydney, Australia Amazon Full time DESCRIPTION Amazon is seeking a qualified Security Engineer to join our innovative, high energy Information Security team and work within the Security Incident Response Team (SIRT) in Sydney. SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard...
-
Incident Response Regional Manager
2 weeks ago
Sydney, Australia Atlassian Full time Overview: **Working at Atlassian** Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually,...
-
Distributed Systems Engineer
4 weeks ago
Sydney, New South Wales, Australia Amazon Full time Amazon is seeking an exceptional incident manager to join its world-class Central Technical Operations Services (C-TOS) team. As the first line of defense for maintaining high availability on the Amazon Retail Website, our C-TOS group provides critical incident response and management for the entire Amazon ecosystem. This role involves driving down mean time...