Incident Response

7 months ago


Sydney, Australia Bank of America Full time

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us

Incident Management is part of the Response and Recovery whose aim is to respond to an incident in the manner that will reduce the impact and risk to the organization as much as possible. The Incident Manager will be required to take charge of Information Security events and incidents as they occur and co-ordinate and work collaboratively with colleagues across the business to resolution.

**Responsibilities**:

- Establish oversight of information security events and incidents and communicate analysis, containment and remediation efforts to all business partners.
- Incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation will be expected to be completed in a timely manner including all appropriate information in relation to risk and action times.
- The Incident Manager will be expected to provide status updates and post-incident reports for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.
- Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents
- The incident manager will be part of a global 24/7 rotation and there is a requirement to work 8-10 weekends per year on an on-call basis as a primary contact and 8-10 weekends as a secondary contact. There will also be a requirement to cover the majority of US holidays.
- Perform real-time analysis and trending of security log data from various security devices and systems.
- Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
- Respond to user incident reports and evaluates the type and severity of security events.
- Execute initial triage of incidents to rule out false positives.
- Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
- Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures.

**Skills**:

- Proven experience handling Information Security related events and incidents
- Experience in an operations focused role with an emphasis on incident response
- Demonstrable experience in the coordination of containment activities related to cyber security incidents
- Familiarity with security vulnerabilities exploits and APT tools, techniques and procedures
- Familiarity with network security vulnerabilities, exploits, malware and digital forensics desirable
- An excellent communicator who can adapt to their audience
- Decisive and can make difficult decisions in what can be a high pressure environment
- Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results
- Able to handle multiple competing priorities in a fast-paced environment and take action without causing an undue delay
- Supportive and can work well as part of a team as well as independently
- Ability to remain calm under pressure
- Ability to work in a strong team-orientated environment with a sense of urgency and resilience
- Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks whilst remaining risk and objective focused


  • Incident Response Lead

    2 months ago


    Sydney, Australia Brennan IT Full time

    **Why work for Brennan?** At Brennan, we aim to lead, not follow. One of the ways we do this is through an open diverse culture that values performance, where anyone in the team can bring new ideas to the table and see them thrive. Our people are empowered, unique, considerate, supportive, trusting, and accepting being the cornerstone of the business....


  • Sydney, New South Wales, Australia NCC Group Full time

    The Opportunity: As a Principal Cyber Incident Response Consultant at NCC Group, you will be part of a well-established team that collaborates with various divisions within our business. You will work closely with the Cyber Incident Response Team, Threat Intelligence teams, Security Operations Centre teams, and our esteemed Red Team.Key...


  • Sydney, Australia Commonwealth Bank Full time

    **_You are _**_a problem solver with a strong technical background in Incident Responds (IR) and or Security Operations Centre (SOC). _ - **_We are _**_one of the largest Cyber Security Practices in the Southern Hemisphere. _ - **_Together we can _**_contribute to protecting the Group, Customers and Community. _ **Do work that matters**: We're building...

  • Principal Consultant

    6 months ago


    Sydney, Australia Palo Alto Networks Full time

    Company Description **Our Mission** At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are...


  • Sydney, New South Wales, Australia Arctic Wolf Full time

    About the Role:Arctic Wolf, a leading provider of security operations in the rapidly growing cybersecurity industry, seeks an experienced and skilled Senior Incident Response Specialist to join its esteemed team. This role presents an exceptional opportunity for individuals with a strong background in IT and a desire to transition into digital forensics.The...


  • Sydney, New South Wales, Australia Dynatrace Full time

    We are seeking an experienced Incident Commander to lead our incident management team in ensuring best-in-class reliability and shaping incident response for our customers.Key Responsibilities:Incident Coordination: Manage high-severity incidents, leading temporary response teams to ensure timely resolution and minimal business impact.Analysis and...


  • Sydney, New South Wales, Australia Dynatrace Full time

    System Reliability and Resilience EngineerAt Dynatrace, we're shaping the future of software intelligence and performance monitoring.We're seeking an exceptional System Reliability and Resilience Engineer to join our team as a Critical Incident Response Lead. This is a critical role where you'll lead incident response efforts, ensuring timely resolution and...


  • Sydney, Australia The Decipher Bureau Full time

    The Company  Join an ASX-listed organisation that has one of Australia’s largest cybersecurity practices, which are expanding their new cyber defence team. Following the recent high-profile incidents in Australia, this organisation has taken a proactive approach, identifying the need to build a new cloud security capability. Just 18 months later, this...


  • North Sydney, Australia Amazon Support Services Pty Ltd Full time

    AWS Incident Response is at the heart of high availability of Amazon Web Services. We make customer impacting events shorter and less frequent by providing large scale event and incident management. Our automated tooling quickly identies the cause of an issue and helps mitigate its impact, and much of our engineer time is spent on projects to improve the...


  • Sydney, New South Wales, Australia Arctic Wolf Full time

    Arctic Wolf is a leader in security operations in the exciting and fast-growing industry of cybersecurity. Our mission is simple: End Cyber Risk. We're looking for an experienced Cybersecurity Incident Response Specialist to join our team.About the Role:We are actively seeking highly experienced and technical Sr. Engineers for our Incident Response Team....

  • Digital Forensics

    6 months ago


    Sydney, Australia Sustainability Consulting Full time

    Permanent Position / up to $150k inc sup *Salary Negotiable - WFH Remote in Australia (Sydney Preference) - Fantastic Culture + Career Development Opportunities Join one of Australia’s leading cybersecurity providers driving real innovation in cybersecurity and incident response. An exciting time to join an organisation going through expansive growth and...

  • Digital Forensics

    6 months ago


    Sydney, Australia Decipher Bureau Full time

    Remote WFH Australia-wide / HQ in Sydney - Permanent Position: Up to $200k + super (negotiable) - Access to the best training & development for career growth **Company**: We're partnering with a renowned global information security specialist expanding its presence in Australia. With a strong research focus and established nationwide offices, this...


  • Sydney, New South Wales, Australia Arctic Wolf Full time

    At Arctic Wolf, we're committed to delivering exceptional customer experiences and exceeding industry standards in cybersecurity operations.We're seeking a highly experienced Cybersecurity Incident Response Specialist to join our team. As a key member of our incident response team, you'll play a vital role in helping our clients respond to and recover from...


  • Sydney, Australia Commonwealth Bank of Australia Full time

    Cloud Incident Response Manager - Azure - **You are** a problem solver with technical experience in cloud security, specialising across Azure services and solutions. - **We are** one of the largest Cyber Security teams in the southern hemisphere. - **Together we** will build tomorrow's bank today, using world-leading engineering, technology, and...


  • Sydney, Australia Arctic Wolf Full time

    Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.  Our mission is simple: End Cyber Risk. We’re looking for a ...


  • Sydney, New South Wales, Australia Arctic Wolf Full time

    About the RoleWe are seeking a highly skilled Senior Incident Response Expert to join our team at Arctic Wolf. This individual will play a critical role in helping our clients respond to and recover from cyberattacks.


  • Sydney, New South Wales, Australia Cisco Full time

    Cisco is seeking a skilled Incident Commander to join our Threat Management Response team. As an Incident Commander, you will play a critical role in ensuring the security and integrity of our systems and data.Job SummaryWe are looking for a highly motivated and experienced Incident Commander to lead our response efforts in the event of a security incident....


  • Sydney, Australia Amazon Full time

    DESCRIPTIONAmazon is seeking for a qualified Security Engineer to join our innovative, high energy Information Security team and work within the Security Incident Response Team (SIRT) in Sydney. SIRT Security Engineers respond to security events, conduct analysis of threats such as malware and intrusion attempts, and provide security services to safeguard...


  • Sydney, Australia Atlassian Full time

    Overview: **Working at Atlassian** Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually,...


  • Sydney, New South Wales, Australia Amazon Full time

    Amazon is seeking an exceptional incident manager to join its world-class Central Technical Operations Services (C-TOS) team. As the first line of defense for maintaining high availability on the Amazon Retail Website, our C-TOS group provides critical incident response and management for the entire Amazon ecosystem.This role involves driving down mean time...