Cyber Defence Manager

Organization: At CommBank, we never lose sight of the role we play in other people’s financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things.
Job Title: Cyber Defence Manager
Location: Bangalore-Manyata Tech Park
Business & Team: The Cyber Attack Analysis Team (CAAT) enables the Group to respond to cyber security events that impact core business platforms, systems, data, assets, and reputation. The team serves as the Tier 1 function and is responsible for detecting, triaging and analysing cyber security events of interest.

Impact &contribution: As a Manager you will be responsible for leading a team of analysts that monitor the Group’s computer systems for suspicious activity using enterprise-grade cyber tools and critical thought processes. Your team will triage and manage various incidents, events, and queries from the business to the relevant resolver group.

This role will also involve leading incident response efforts, implementing AI-driven initiatives, and collaborating with cross-functional teams across various departments to ensure the organisation's ability to prevent, detect, and respond to cyber security incidents is continuously improved.

Roles & responsibilities:

• Lead your team of cyber analysts to monitor the Group’s computer systems for suspicious activity based on documented playbooks, Standard Operating Procedures, and the Group’s Cyber Security Incident Response Plan.
• During cyber security attacks you will lead incident responders to investigate and contain escalated cyber security events and incidents.
• Ensure your team of cyber analysts triages and analyses detection alerts and staff-reported cyber attacks to identify events requiring response activities.
• Develop and implement AI-driven strategies and tools to detect, analyse, and respond to cyber threats.
• Drive effective written and verbal communications to ensure that stakeholders have the appropriate level of situational awareness, knowledge of observed trends, and can leverage evidence from realised cyber attacks to make informed decisions.
• Integrate continuous improvement into incident response processes ensuring that findings and identified gaps are leveraged to uplift the group’s security posture.
• Identify potential new detection logic and escalate to the Detection Engineering team.
• Collaborate with peers in Cyber Detection Engineering, Cyber Threat Hunt and Cyber Threat Intelligence to guarantee collaborative and optimised workflows.
• Ensure active maintenance for documentation such as incident response plans, playbooks and Standard Operating Procedures.
• Contribute to projects that enhance the security posture of the group.
• Build and maintain relationships with key stakeholders, both internal and external.

Essential skills:

• Experience: 10+ years of experience in cyber security, with a focus on incident response.
• Experience in leadership, managing a team across cyber incident response or similar is essential (e.g., SOC, Cyber Ops, Cyber Attack Response etc).
• Experience in incident management, with a strong emphasis on comprehensive documentation, integrity, and accountability including ability to document and explain technical details clearly and concisely for different audiences.
• Expertise in hunting, malware analysis, forensics, intrusion detection, threat intelligence or other cyber incident response specialisation is desirable.
• Strong knowledge of enterprise systems, infrastructure and security controls including Windows and Linux servers, networks, web proxy, email gateway etc.
• Understanding of Splunk or other SIEM/SOAR tools.
• Knowledge in Microsoft Defender for Endpoints (MDE) or other Endpoint Detection and Response (EDR) tools.
• Knowledge of AI and machine learning techniques and their application in cybersecurity.
• Experience with cloud security and knowledge of cloud platforms such as AWS or Azure.
• Experience with automation and scripting languages such as Python, PowerShell, or Bash.
• Technical Skills: In-depth knowledge of operating systems, network protocols, and cyber security tools.
• Analytical Skills: Strong analytical and problem-solving skills. Ability to analyse complex security issues and develop effective solutions.

Education Qualification: Bachelor’s degree or Master’s degree in Engineering in Computer Science/Information Technology

Advertising End Date: 29/04/2025