Principal Cyber Hunt and Incident Response
Head Office, Australia
Full Time Senior-level / Expert Clearance required AUD 46K - 107K * est.
Reserve Bank of Australia
We are Australia's central bank. We conduct monetary policy, work to maintain a strong financial system and issue the nation's currency.
Play an important part shaping the future of our iconic Australian institution
Hybrid work environment
Permanent position
Join a team focused on remaining at the forefront of technology
About the Role
The Reserve Bank of Australia is hiring for a Principal, Cyber Hunt and Incident Response to join a newly formed small-sized team on a permanent basis. In this role you will investigate and respond to post-breach cyber incidents, perform pro-active threat hunts, and provide technical expertise to uplift the cyber hunt and incident response program, ensuring alignment with the Bank’s cyber security strategy. You will provide expert technical leadership and subject matter expertise, contributing to a team delivering the full spectrum of cyber hunt and incident response services across the Bank. Reporting to the Manager, Cyber Hunt and Incident Response, the team forms part of a larger multi-disciplinary IT Security Services function.
As the principal, you’ll be responsible for the following:
Mature the Reserve Bank of Australia’s Cyber Hunt and Incident Response program in a modern Cyber Defence Operations Centre environment
Produce and disseminate contextualised, relevant and timely strategic, operational and tactical (technical) cyber incident reports to internal stakeholders
Work closely with IT Security Services teams, Infrastructure teams, and additional stakeholders during cyber incident response events, providing expert technical guidance, leadership, and analysis throughout all stages of a cyber security incident
Support staff training initiatives, mentoring team members to foster a culture of growth and accountability, and closely monitor their progress to bring out their best potential
Contribute to the development and maintenance of the Bank’s Cyber Incident Management process
Support cross-functional responsibilities and other duties as strategically directed by the Chief Information Security Officer (CISO)
About You
We are looking for a candidate who is passionate about cyber security and technology and enjoys sharing that passion with others. Demonstrated experience in a Cyber Hunt and Incident Response role is essential. Experience in other cyber security teams such as Cyber Security Operations will be highly regarded. To be successful in this critical role you will possess the following skills:
A minimum of 5 years' experience in a dedicated cyber security role (with a focus on incident response and technical domains)
Experience in an adjacent (cyber security or information technology) discipline will be highly regarded
Extensive cyber incident response experience, including the ability to lead and coordinate response efforts during cyber security incidents
A deep understanding of general cyber security and information technology topics, principles, and regulations relevant to a modern enterprise environment
Outstanding presentation, written and verbal communication skills, with the ability to convey complex security concepts to non-technical stakeholders
Demonstrable experience managing key stakeholder relationships, and an ability to build and maintain relationships with key stakeholders
Considerable experience using relevant incident response and digital forensics tooling such as Magnet Axiom, Velociraptor, Flare VM, SIEM (Sentinel), SOAR, and XDR (Defender)
Understanding of threat hunting methodologies and demonstrated experience
Extensive digital forensics experience and knowledge of core concepts
It is desirable that the ideal candidate have the following qualifications (or similar) and aligned experiences:
Tertiary qualification in a relevant field, or equivalent practical experience
Vendor specific certifications
Security Blue Team Level 2
SANS/GIAC Incident Response, Digital Forensics, Threat Hunting certifications
Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM)
Be More
Working for an organisation that truly makes a difference to the people of Australia, we can offer development and career opportunities in a collaborative environment that supports your growth, wellbeing and promotes flexibility. Your individual growth and success drives the RBA forward as an organisation. Be more means you can do more, for yourself and for Australia.
Why RBA?
The RBA makes an important contribution to the Australian economy through the pursuit of national economic policy objectives and associated activities in financial markets and banking. We also issue Australia's banknotes and operate infrastructure critical to the payments system, all of which contribute to the welfare of the Australian people.
Made up of specialists across a wide range of fields, our people, values, and culture play a critical role in achieving our objectives. Striving to be Open & Dynamic, we consider and incorporate different perspectives, work across teams and are transparent with each other, whilst delivering quality together effectively and focusing on outcomes by prioritising, testing, learning, and refining as we go.
Our people conduct themselves with a high degree of integrity, while striving for excellence in the work they perform and the outcomes they achieve. We encourage intelligent inquiry, and we treat one another with respect while promoting the public interest through our efforts.
We know it is the growth and success of our people that drives the RBA forward. Come and make a bigger contribution while you build and develop your own skills too, because being more means you can do more, for yourself and for Australia.
A security clearance will be necessary for this role; as a result, we can only accept applications from Australian Citizens.
The Reserve Bank of Australia is committed to equity, diversity and inclusion through key initiatives. We welcome and encourage applicants from diverse backgrounds to apply, including Aboriginal and Torres Strait Islander peoples, those from culturally and linguistically diverse backgrounds, those living with a disability and those from the LGBTQ+ community. We are committed to making the recruitment process fair and equitable for all our candidates.
Application Close: August 14, 2025.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index