Senior Manager, Cyber Attack Response

Organization: At CommBank, we never lose sight of the role we play in other people’s financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things.
Job Title: Senior Manager, Cyber Attack Response
Location: Bangalore-Manyata Tech Park
Business & Team: The Cyber Attack Response Team (CART) enables the Group to respond to cyber security events and incidents that impact core business platforms, systems, data, assets, and reputation. The team serves as both the Tier 1 and Tier 2 cyber incident response function and is responsible for detecting, triaging, investigating, remediating, and conducting post-incident activities.

Impact &contribution: As Senior Manager, you will be responsible for leading a team of cyber incident responders and analysts to monitor the Group’s computer systems for suspicious activity, investigate and contain escalated cyber security events and incidents, remediation and post-incident activities, and implement AI-driven initiatives. This role involves leading incident response efforts, collaborating with cross-functional teams across various departments to ensure the organisation's ability to prevent, detect, and respond to cyber security incidents is continuously improved.

Roles & responsibilities:

• Lead your team of cyber analysts and cyber incident responders to monitor, investigate, contain cyber security events and incidents based on documented playbooks, Standard Operating Procedures, and the Group’s Cyber Security Incident Response Plan.
• Ensure detection alerts and staff-reported cyber attacks are triaged and analysed to identify events requiring response activities.
• Develop and implement AI-driven strategies and tools to detect, analyse, and respond to cyber threats.
• Drive effective written and verbal communications to ensure that stakeholders have the appropriate level of situational awareness, knowledge of observed trends, and can leverage evidence from realised cyber attacks to make informed decisions.
• Integrate continuous improvement into incident response processes ensuring that findings and identified gaps are leveraged to uplift the group’s security posture.
• Collaborate with peers in Cyber Detection Engineering, Cyber Threat Hunt, and Cyber Threat Intelligence to guarantee collaborative and optimised workflows.
• Ensure active maintenance for documentation such as incident response plans, playbooks, and Standard Operating Procedures.
• Identify potential new detection logic and escalate to the Detection Engineering team.
• Contribute to projects that enhance the security posture of the group.
• Build and maintain relationships with key stakeholders, both internal and external.

Essential skills:

• Experience: 10+ years of experience in cyber security, with a focus on incident response.
• Experience in leadership, managing a team across cyber incident response or similar is essential (e.g., SOC, Cyber Ops, Cyber Attack Response etc).
• Experience in incident management, with a strong emphasis on comprehensive documentation, integrity, and accountability including the ability to document and explain technical details clearly and concisely for different audiences.
• Expertise in hunting, malware analysis, forensics, intrusion detection, threat intelligence, or other cyber incident response specialisation is desirable.
• Strong knowledge of enterprise systems, infrastructure, and security controls including Windows and Linux servers, networks, web proxy, email gateway etc.
• Understanding of Splunk or other SIEM/SOAR tools.
• Knowledge in Microsoft Defender for Endpoints (MDE) or other Endpoint Detection and Response (EDR) tools.
• Knowledge of AI and machine learning techniques and their application in cybersecurity.
• Experience with cloud security and knowledge of cloud platforms such as AWS or Azure.
• Experience with automation and scripting languages such as Python, PowerShell, or Bash.
• Technical Skills: In-depth knowledge of operating systems, network protocols, and cyber security tools
• Analytical Skills: Strong analytical and problem-solving skills. Ability to analyse complex security issues and develop effective solutions.

Education Qualification: Bachelor’s degree or Master’s degree in Engineering in Computer Science/Information Technology

Advertising End Date: 29/04/2025