Cyber Deception Lead

**Cyber Deception Lead**

**About Us**:At the Commonwealth Bank of Australia (CBA), we are dedicated to safeguarding our digital assets and protecting our customers' data. Our Cyber Detection & Response team is at the forefront of this mission, identifying, responding to, and mitigating cyber threats. We are now seeking a highly skilled and innovative Cyber Deception Lead to join our team and enhance our cyber defence capabilities through the implementation of a Cyber Deception programme.

**Key Responsibilities**:

- **Deception Framework Development**:Assist in the development and implementation of a comprehensive cyber deception framework, based on MITRE Engage, that aligns with the organisation's overall cybersecurity objectives.
- **Collaboration**:Work closely with, and influence, other teams including threat intelligence, cyber detection, cyber incident response, vulnerability management, and technology, to ensure a cohesive and effective cyber deception programme.
- **Threat Analysis**:In collaboration with the Threat Intelligence team, conduct in-depth analysis of cyber threats and adversary tactics to inform the design and deployment of deception techniques.
- **Deception Technology Implementation**:Deploy and manage deception technologies and processes, including honeypots, honey tokens, decoy systems, and other deceptive assets.
- **Continuous Improvement**:Continuously evaluate and improve deception campaign maturity by following industry best-practice and implementing operational excellence to stay ahead of evolving cyber threats.
- **Training and Awareness**:Provide training and awareness programs to educate internal stakeholders on the use and benefits of cyber deception.
- **Reporting**:Prepare and present regular reports on the effectiveness of deception strategies and technologies to senior management.

**Qualifications**:

- **Education**:Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- **Experience**:Minimum of 5 years of experience in cybersecurity, with at least 1-2 years focused on cyber deception or related fields. Experience with threat intelligence analysis, AI, and automation technologies is highly desirable.
- **Certifications**:Relevant certifications such as CISSP, CEH, GIAC, or similar are highly desirable.
- **Technical Skills**:Proficiency in threat research, attack path analysis, and incident response. A strong general technical knowledge and experience of systems architecture is essential. Experience of offensive security tooling, software exploitation (e.g. OWASP Top 10), or red teaming is desirable.
- **Analytical Skills**:Strong analytical and problem-solving skills, with the ability to think creatively and strategically.
- **Communication Skills**:Excellent written and verbal communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- **Team Player**:Ability to work effectively in a collaborative team environment.

**Why Join Us?**
- **Innovative Environment**:Be part of a forward-thinking team that embraces innovation and continuous improvement.
- **Professional Growth**:Opportunities for professional development and career advancement.
- **Impactful Work**:Contribute to the protection of our customers' data and the security of our digital assets.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 17/02/2025