Manager - Incident Response and Cyber Defence
1 month ago
Job Requisition ID: 36349
Learn from the best in the business
Mentoring, growth and training – receive support and coaching to progress your career
Preventive and supportive mental health initiatives
About the Role
The Manager – Incident Response and Cyber Defence will play a key operational role in supporting the Head of Cyber Defence, focusing on incident detection, response, and containment. This individual will oversee SOC operations, ensure SIEM alerts are properly managed, and lead efforts to respond to critical cyber incidents. They will also handle IOCs and threat intelligence, working proactively to prevent security breaches. The Manager will act as a key escalation point for cyber incidents and provide leadership in threat detection, ensuring seamless security operations. With the potential to grow into a second-in-command (2IC) role, this position offers an opportunity for long-term leadership development.
Key Responsibilities
Incident Response & Cyber Resilience:
Lead the response to cyber incidents, ensuring rapid mitigation, containment, and resolution. Maintain and execute the organization’s Incident Response Plan (IRP) with alignment to regulatory requirements and business goals. Oversee post-incident reviews to identify gaps, implement improvements, and update the IRP accordingly. Manage coordination with external response partners and regulators when necessary during significant incidents. Regularly conduct tabletop exercises and simulations to test the organization’s preparedness and refine response processes.
SOC & Threat Detection:
Manage the Security Operations Centre (SOC) to ensure 24/7 monitoring and effective incident handling. Oversee the tuning of SIEM platforms, IDS/IPS, and other monitoring tools to optimize detection accuracy and reduce false positives. Ensure critical vulnerabilities generating alerts in the SIEM are properly identified, escalated, and responded to promptly. Coordinate the response to Indicators of Compromise (IOCs), leveraging intelligence sources to contain and prevent incidents. Monitor SOC metrics and incident trends to identify areas for operational improvement.
Threat Intelligence & IOC Handling:
Collaborate with threat intelligence teams to incorporate actionable intelligence into detection and response efforts. Manage IOC handling by ensuring timely responses to new threat indicators and their integration into detection tools. Lead proactive threat hunting efforts within the SOC to identify potential threats before they materialize. Stay updated on emerging threat landscapes and ensure response strategies adapt to new vulnerabilities and attack vectors.
Leadership & Operational Support:
Act as a key partner to the Head of Cyber Defence, supporting strategic initiatives and taking on operational leadership when required. Serve as the primary escalation point for complex incidents and operational challenges, including weekend support for critical systems (e.g., firewalls). Provide mentorship and guidance to SOC analysts and incident responders, ensuring continuous skill development within the team. Collaborate with IT, legal, compliance, and business units to align security response efforts with operational priorities.
Continuous Improvement & Future 2IC Potential:
Partner with the Head of Cyber Defence to assess and refine incident response processes and SOC operations continuously. Identify areas for optimization and automation within incident response workflows. Take on additional leadership responsibilities to develop into a second-in-command (2IC) role over time, supporting the head of function in strategic and operational capacities. Play an active role in the design and execution of defensive strategies to align with evolving threats and best practices.
About the team
Join Deloitte’s Cyber Defence team, a crucial part of our organisation, dedicated to protecting our diverse business portfolio and its 13,000 users. Our team operates in four core areas:
Enough about us, let’s talk about you.
You are someone with:
Required:
5+ years of experience in cybersecurity, with a focus on incident response, SOC and threat detection. Proven experience in handling cyber incidents in complex enterprise environments, including managing escalations. Strong operational background in SOC including familiarity with SIEM platforms and response tools. Expertise in incident response frameworks (e.g., NIST, MITRE ATT&CK, Cyber Kill Chain). Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and optimizing detection rules. Strong knowledge of IDS/IPS, IOCs, and proactive threat hunting methodologies. Familiarity with cloud security monitoring (AWS, Azure, GCP) is a plus.
Preferred:
GIAC Certified Incident Handler (GCIH)
GIAC Security Operations Certified (GSOC)