Applications for this job have closed. Try searching for similar jobs.

Lead Incident Responder

Commonwealth Bank

Location: Perth

Job Type: Full time


  • You are a problem solver with a strong background in IR and or Security Operations Centre (SOC)
  • We are one of the best and most advanced Cyber Security teams in Australia
  • Together we can contribute to protecting the Group, Customers and Community

Your business:

The Technology division delivers the Group's information technology and banking operations functions to ensure the highest levels of customer service through world-class process excellence and technology innovation. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.

At CommBank we believe in working somewhere that works for you. We have many flexible working options available so talk to us about which arrangements could work best for you.

Your new team:

The mission of the Group's Cyber Attack Response Team is to provide a high-performing, reliable, and sustainable assurances to detect, contain, and remediate attacks from cyber threats against the Group's digital ecosystem.

Your impact and contribution:

As the Lead Incident Responder, you will be part of a highly skilled and experienced team of specialists across the organisations wider Cyber Attack Response Team.

This role will have you lead and manage major and critical incident responses initiatives and operational alerts while offering subject matter expertise to functional and technical stakeholders to support the organisations cyber defence.

You will also:

  • Utilise sensor data and correlated logs containing IDS/IPS, AV, web application firewalls, Operating System events, web proxy, and similar data to establish context and scope.
  • Operationalise actionable intelligence reports from Cyber Intelligence team and external sources.
  • Maintain incident response documentation, lead post incident review activities, and write incident reports.
  • Partake in an "on-call" roster where required to ensure out-of-hours incident response coverage.
  • Demonstrate thought leadership in the enhancement of incident response capabilities.
  • Participate in threat hunt and purple team activities to identify areas for improvement.
  • Provide input as a subject matter expert into projects and initiatives where required.

We are interested in people who:

As the Lead Incident Responder you will bring your commercial experience working across cyber security within an incident response and or Security Operations Centre (SOC) environment.

You are a subject matter expert with the ability to advice on critical cyber incidents and offer technical support and consultative advice to the wider organisation to ensure the safety of the Group.

You will bring:

  • Strong incident response and or security operations centre (SOC) experience is essential.
  • Strong technical background across a broad set of systems and infrastructure is essential.
  • Ability to articulate technical concepts while catering to different audiences is essential.
  • Ability to deal with pressure and be adaptive to change during major incidents is essential.
  • Strong background in Splunk, Microsoft technologies - Control is essential.
  • Experience with malware analysis, intrusion detection, threat intelligence or other incident response specialisation is desirable.

If this role is of interested to you please apply directly or reach out to have a confidential discussion in more detail.

Whether you're passionate about customer service, driven by data, or called by creativity, a career here is for you.

Our people bring their diverse backgrounds and unique perspectives to build a respectful, inclusive and flexible workplace. One where we're driven by our values, and supported to share ideas, initiatives, and energy. One where making a positive impact for customers, communities and each other is part of our every day.

Here, you'll thrive. You'll be supported when faced with challenges, and empowered to tackle new opportunities. We really love working here, and we think you will too.

We're determined to make a real difference for Australia's first peoples. We encourage all interested applicants to apply. If you're already part of the Commonwealth Bank Group (including Bankwest), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career.