Security Incident Commander, Threat Management Response

2 months ago


Sydney, Australia Cisco Full time
At Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most significant to them: their students, patients, customers, and businesses. We're making networking easier, faster, and sophisticated with technology that simply works.

At Meraki, you will be a part of a tight-knit engineering organization working with hardworking, effective engineers. You will have a significant influence over the tools that we use to supervise and audit our system and where we choose to deploy them. You will be responsible for coordinating the response to security incidents. You will support other security teams in driving business-friendly security and process improvements. Finally, by developing our capabilities to promptly detect threats, you will have a direct, immediate, and positive impact on our customers and the hundreds of millions of users that rely on Meraki access points, switches, security appliances, and cameras every single day.

We are passionate about building real products that our customers love. We believe in fostering a positive culture by hiring, mentoring, and empowering thoughtful, conducive, humble people. With the support of management, we constantly look within for ways to improve organizationally. Finally, we maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup culture. We are confident you will love it here.

The Threat Management Response team is responsible for 24x7x365 monitoring and rapid incident response for all Cisco Meraki environments. We are the last line of defense to protect the company and our customers' data from threat actors and adversaries.

Incidents can happen at any time; as such, this position requires on-call work (including overnight and weekends) on an as-needed basis. The core hours for this position are 9:30 AM PST - 6:30 PM PST, Monday through Friday.

Key responsibilities:

  • Serve on a rotation of security incident commanders, working with heads of every major product and engineering team to ensure a quick mobilization for high-severity incidents
  • Serve as incident commander when escalations from security analysts require immediate response
  • Write SQL to search data warehouses and large datasets for signs of compromise
  • Respond to high-severity incidents and handle the remediation process (e.g. malware analysis, large-scale phishing attacks, production intrusion, etc.)
  • Familiarity with the following tools:
      • Security Incident and Event Monitoring (SIEM)
      • File Integrity Monitoring (FIM)
      • Vulnerability Scanners, Endpoint Detection & Response (EDR), Security Orchestration, Automation & Response (SOAR)
      • Network and Host Intrusion Detection (IDS) such as SNORT/Sourcefire, Palo Alto, etc.
  • Investigate security events for the following platforms and technologies:
      • Cloud (AWS, Azure, GCP)
      • Cisco physical and virtual network devices and platforms
  • Assist with and perform digital forensics on host OS or cloud system infrastructure to identify IOCs and other signs of imminent security risk and threat
  • Write response runbooks and author documentation on organizational response processes

You are an ideal candidate if you:

  • Understand common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together
  • Have experience leading threat hunts, using available logs and threat intelligence to proactively identify and investigate potential risks and suspicious behavior
  • Have a calm, methodical approach to investigating potential threats
  • Have a minimum of 5 years of professional experience in cybersecurity roles
  • Have the ability to build and/or re-architect new and existing solutions within AWS to help tackle outstanding problems in Meraki's security logging or security investigation infrastructure
  • Have expertise with observability and security tools like Splunk, ELK, Snowflake or other searchable big data solutions
  • Understand core cybersecurity concepts such as encryption, hashing, non-repudiation, vulnerability management, and least privilege
  • Understand major security compliance frameworks such as PCI, SOC 2, and FedRAMP as they relate to incident monitoring and response

Bonus points for:

  • Relevant industry security certifications such as CISSP, SANS GIAC (e.g. GCIH, GNFA, GCFE, GCFA, GREM), AWS certifications (SAA, SAP, or SCS), etc.
  • Familiarity with other security verticals such as: Digital Forensics, Threat Intelligence, Threat Detection, Application Security, Cloud Security, Offensive Security
  • Valuable knowledge of detection tools, for example: Nessus, Qualys, OSSEC, Osquery, Suricata, Threatstack, AWS GuardDuty
  • Experience with IoT platforms, large-scale distributed systems, and/or client-server architectures
