Cloud Security Incident Response Senior Analyst

• You are a problem solver with experience in cloud security, specialising across AWS and Azure services and solutions.
• We are one of the largest Cyber Security teams in the southern hemisphere.
• Together we will build tomorrow's bank today, using world-leading engineering, technology, and innovation.

See yourself in our team: 

The Incident Response Cloud Security Team reviews and performs analysis on incident response engagements involving AWS and/or Azura data, assists with uplifting the cloud cyber control hygiene and helps with CDO's incident response process, vulnerability management and penetration testing in the cloud.

Do work that matters: 

The Incident Response Cloud and Emerging Security Team, forms part of the wider Cyber Defence Operations (CDO), and works closely with all cyber teams, as well as the Cloud Enablement and Engineering (CEE) and Cloud Security Technology teams who manage the cloud environments. As a Senior Analyst specialising in Incident Response Cloud and Emerging Security, your expertise will be pivotal in guiding solutions, services, and project initiatives within AWS and Azure environments.

You will act as the technical cloud security SME and escalation path, drawing on your expertise in one or more of the following domains: incident response in AWS or Azure environments, cloud security control effectiveness, host analysis, network forensics, malware analysis, threat intelligence, and system administration.

You will also:

• Use cyber security tools to gather information and perform investigations within the Group's public cloud environment.
• Determine best practice approaches for monitoring, undertaking incident response, and managing cyber control hygiene in the cloud.
• Document appropriate ways to detect, prevent, and isolate suspicious activity in the cloud.
• Assist the CDO team with any incident response and remediation activities related to cloud workloads.
• Conduct proactive cyber defensive assessments by referencing adversary tactics and offensive techniques to identify control gaps and validate defensive effectiveness against emerging threats. 
• Review security controls in affected cloud environment(s) to identify gaps and provide input into post incident reporting.
• Assist the CEE team with ongoing reviews/uplift of the security posture in the public cloud environment.
• Research and evaluate emerging security technologies and trends, recommending implementations to enhance our security posture.
• Stay informed about the latest cybersecurity threats and vulnerabilities, and provide tactical and strategic recommendations to mitigate risks

We are interested in people who have :

Expertise in cloud security with a core focus on AWS and Azure solutions and services. You will bring your experience working within a similar role with experience in managing large and complex solutions across cloud security and incident response as a cloud subject matter expert (SME).

You will also have:

• Experience in cybersecurity, with a focus in Incident Response and cloud Security.
• Demonstrated experience in incident response is essential.
• Expertise in AWS and/or Azure cloud security controls.
• Proven ability to conduct proactive cyber defensive assessments by referencing adversary tactics and offensive techniques to identify control gaps and validate defensive effectiveness against emerging threats. 
• Demonstrated experience translating assessment outcomes into actionable improvements aligned to enterprise risk frameworks and adversary tactics.

Skills:

• Experience applying industry frameworks (e.g., NIST CSF, MITRE ATT&CK) to defensive assessments.
• Strong stakeholder engagement skills to communicate findings and drive remediation outcomes.

Desirable Qualifications:

• Bachelor's degree in information technology, Cybersecurity, or a related field is preferred.
• Professional certifications such as CISSP, information security, information technology, risk management or equivalent discipline is highly desirable.
• Cloud Security Certifications such as AWS Certified Security Speciality is desirable.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on