Security Incident Commander, Threat Management Response

2 weeks ago


Sydney, Australia Cisco Full time

At Cisco Meraki, we are known for simplifying technology through our products and services - and for the people behind them. As the fastest growing cloud-managed networking team in the world, our technology architecture is changing the face of networking and making cloud-managed IT a reality. Our employees' groundbreaking ideas impact everything we do. Here, that means we take innovative ideas from the drawing board to solutions that have a real-world impact. You'll be part of a diverse and inclusive engineering team that has a direct, immediate, and positive impact on our customers and the hundreds of millions of users that use and rely on Meraki access points, switches, security appliances, and cameras every day.

The Threat Management Response team stands as the last line of defense, providing round-the-clock monitoring and rapid incident response to safeguard our company and customers’ data against evolving threats. If you’re passionate about incident response and incident command, and want to make a tangible impact, this is the role for you. Join us, and you’ll help craft our strategy, refine our playbooks, and improve our response processes—driving meaningful change in how we combat security threats. Be a crucial part of our mission to protect and innovate.

Incidents can occur at any time, so this role requires on-call availability (including occasional overnight and weekend shifts) as needed. The core working hours for this position are Monday through Friday, 9:30 AM to 6:30 PM AEDT, based on your local time zone.

Key responsibilities:

  • Serve on a rotation of security incident commanders, working with heads of every major product and engineering team to ensure a quick mobilization for high-severity incidents
  • Serve as incident commander when escalations from security analysts require immediate response
  • Write SQL to search data warehouses and large datasets for signs of compromise
  • Respond to high-severity incidents and handle the remediation process (e.g., malware analysis, large-scale phishing attacks, production intrusion)
  • Familiarity with the following tools:
      • Security Incident and Event Monitoring (SIEM)
      • File Integrity Monitoring (FIM)
      • Vulnerability Scanners, Endpoint Detection & Response (EDR), Security Orchestration, Automation & Response (SOAR)
      • Network and Host Intrusion Detection (IDS) such as SNORT/Sourcefire, Palo Alto, etc.
  • Investigate security events for the following platforms and technologies:
      • Cloud (AWS, Azure, GCP)
      • Cisco physical and virtual network devices and platforms
  • Assist with and perform digital forensics on host OS or cloud system infrastructure to identify IOCs and other signs of imminent security risk and threat
  • Write response runbooks and author documentation on organizational response processes

You are an ideal candidate if you:

  • Understand common threat actor tactics, techniques, and procedures (TTPs) and how they are chained together
  • Have experience leading threat hunts, using available logs and threat intelligence to proactively identify and investigate potential risks and suspicious behavior
  • Have a calm, methodical approach to investigating potential threats
  • Have a minimum of 5 years of professional experience in cybersecurity roles
  • Have the ability to build and/or re-architect new and existing solutions within AWS to help tackle problems outstanding to Meraki’s security logging or security investigation infrastructure
  • Have expertise with observability and security tools like Splunk, ELK, Snowflake or other searchable big data solutions
  • Understand core cybersecurity concepts such as encryption, hashing, non-repudiation, vulnerability management, and least privilege
  • Understand major security compliance frameworks such as PCI, SOC 2, and FedRAMP as they relate to incident monitoring and response

Bonus points for:

  • Industry-recognized certifications such as CISSP, SANS GIAC (e.g., GCIH, GNFA, GCFE, GCFA, GREM), and AWS certifications (SAA, SAP, or SCS).
  • Familiarity with other security fields, including Digital Forensics, Threat Intelligence, Threat Detection, Application Security, Cloud Security, and Offensive Security.
  • Networking expertise with LAN/WAN routing and high-availability routing protocols like OSPF, BGP4/iBGP, EIGRP, and NSRP.
  • In-depth knowledge of detection tools like Nessus, Qualys, OSSEC, Osquery, Suricata, and AWS GuardDuty.
  • Coding/scripting experience in one or more languages.
  • Experience demonstrating web application attacks like SQL Injection, XSS, and CSRF.
  • Familiarity with IoT platforms, large-scale distributed systems, and client-server architectures.

At Cisco Meraki, we’re challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.

Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.


