Manager, Cyber Threat Intelligence

Do work that makes a Difference

Your Team

Reporting to the Chief Information Security Officer, you will lead a small team of cybersecurity and threat intelligence experts, part of a larger multi-disciplinary security services team sitting across the full spectrum of cybersecurity roles. There is a strong culture for collaboration, innovation and celebrating personal successes. The team is constantly looking to improve and welcomes fresh perspectives and ideas.

Key Responsibilities- Define, lead and mature the Reserve Bank of Australia’s Cyber Threat Intelligence program, including the development and execution of a long-term cyber threat intelligence strategic plan and roadmap, in alignment with the organisation’s overall cybersecurity strategy.-
- You will produce and disseminate contextualised, relevant and timely strategic, operational and tactical (technical) cyber threat intelligence products and services to internal and external stakeholders, with the aim of reducing cyber risk, and enabling the effective prioritisation of security work. This may include intelligence briefings/presentations, short and long form written reports, technical analysis, dashboards, security alerts, curated threat feeds, or other products designed to meet stakeholder requirements.- You will contribute to, collaborate on and lead intelligence support to the investigation of suspected and actual threat activity, supporting the RBA Security Operations Centre, including (not limited to) its Detect, Hunt and Response functions; as well as providing critical intelligence which supports cyber risk management activities, insider threat, posture (vulnerability) management and the RBA's offensive security capability (red team).- You will represent the RBA at various domestic and international security and cyber threat intelligence forums, conferences and events, remotely or in person, and contribute to establishing the RBA as a key thought leader and contributor within the space.- Support cross-functional responsibilities and other duties as directed by the Chief Information Security Officer (CISO).

Your Background

To be successful in this critical role you will possess:- Alternatively, a minimum of 5 years' experience in an adjacent (cyber security or information technology) discipline. Experience in a Cyber Risk, SOC, Red Team or Security Leadership position will be highly regarded- Detailed knowledge and technical understanding of the threat landscape, threat actors, attack patterns, adversarial behaviours and tradecraft, including: Tactics, Techniques and Procedures (TTPs), especially those relevant to Government, the Financial Sector and Critical Infrastructure.- Familiarity with common Cyber Threat Intelligence concepts, taxonomies and analytical frameworks, including (not limited to): the intelligence lifecycle, Lockheed Martin Cyber Kill Chain, MITRE ATT&CK and D3FEND frameworks, Diamond Model of Intrusion Analysis, Structured Analytical Techniques, intelligence probability descriptors and assessment qualifiers, intelligence-led red teaming frameworks, such as CORIE.- A broad understanding of general cybersecurity and information technology topics, principles and regulations relevant to a modern enterprise environment.- Strong presentation, written and verbal communication skills, backed up by an ability to rationalise and articulate the conclusions you make from your analytical work.- Demonstrable experience managing key stakeholder relationships, and an ability to build, maintain and enhance intelligence sharing relationships.- Experience using one or more of the following technologies: Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), Vulnerability Scanners, Attack Surface Management (ASM) tools or Threat Intelligence Platforms (TIPs)- A keen eye for opportunities to improve or automate existing workflows and processes.- Bachelor's degree in a relevant field, or equivalent practical experience- CREST Registered Threat Intelligence Analyst (CRTIA)- GIAC Cyber Threat Intelligence (GCTI)- SANS478: Cyber Threat Intelligence- SANS487: Open-Source Intelligence Gathering and Analysis- MITRE ATT&CK Defender Certifications- Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM)

Working Arrangements- Travel may be required- Potential requirement to provide on-call or shift support outside of normal business hours- Potential requirement to work irregular hours, including weekends, and public holidays with mínimal notice- Potential requirement to be contactable outside of business hours for problem resolution

Application Close:
December 04, 2024

.