Incident Response Consultant

4 weeks ago


Sydney, Australia Mandiant Full time

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

**Job Description**:
The Mandiant Incident Response team is seeking a Consultant to join our industry-leading IR team in Australia, providing incident response, threat analysis and incident management services for our clients.

In this role, you will use your incident response skills to help investigate and contain security breaches, proactively hunt for threat actors in client environments, and work with our clients to develop incident response and threat management processes. You will also brief senior executives on threats in their environment and their industry, based on Mandiant’s wealth of threat intelligence.

If you are interested in investigating computer crimes and breaches that make the headlines, and many more that don’t, then this opportunity is for you.

**What You Will Do**:

- Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
- Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
- Utilize Mandiant technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
- Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
- Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
- Develop and present comprehensive and accurate reports, training and presentations for both technical and executive audiences
- Work with clients’ security and IT operations teams to develop and implement remediation plans in response to incidents
- Maintain current knowledge of threat actor tactics, techniques and procedures
- Maintain current knowledge of forensics and incident response tools, methodologies and best practices

**Qualifications**:

- 3+ years of comparable experience in incident response, security operations, or similar
- Able to effectively communicate investigative findings, processes and remediation actions to technical staff, executive leadership, legal counsel, and internal and external clients
- Experience with at least three of the following:
  - Windows disk and memory forensics
  - Network Security Monitoring (NSM), network traffic analysis, and log analysis
  - Unix or Linux disk and memory forensics
  - Static and dynamic malware analysis
  - Forensics and log analysis in major cloud platforms (GCP/Azure/AWS)
- Experience and understanding of enterprise security controls in Active Directory/Windows environments
- Experience building scripts, tools, or methodologies to enhance investigation processes
- Must be able to work in Australia without sponsorship

**Desired Qualifications**:

- Able to obtain and hold a security clearance
- Able to travel up to 20%
- Effectively develop documentation and explain technical details in a concise, understandable manner
- Strong time management skills to balance time among multiple tasks
- One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


