BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

ROLE SUMMARY

We are looking for a talented and experienced Incident Response specialist to join our Security Consulting team. The role will be responsible for supporting our IR capabilities in-country and will oversee both our response to incidents as and when they occur, but also the growth and development of the capability to ensure it remains equipped and prepared to respond to incidents whenever and wherever they occur.
This role is situated in either Canberra or Melbourne and will require a government security clearance at NV1 (minimum), with potential expectation to undergo higher clearances.

WHAT YOU’LL BE DOING

• Leading the investigation of cyber-attacks against our customers as part of the global Incident Response team, with a particular focus on Australia-based customers.
• Monitoring SIEM platforms for security concerns, providing tuning based on system performance, and developing new detection content based on changes in the threat environment.
• Developing tools, tradecraft, playbooks, and other materiel to support the response to, and investigation of, cyber security incidents.
• Supporting the triage and containment of cyber security incidents as and when they occur and supporting recovery and remediation efforts to restore systems to operational states.
• Conducting forensic analysis of Windows, Linux and macOS devices. Gathering and performing analysis of relevant log files such as operating system, firewall, proxy and DNS logs.
• Providing assessment and analysis of attacker tools, techniques, and procedures of different actors from hacktivist to criminal to nation state.
• Supervising and mentoring junior security consultants and supporting the development of their incident response skillsets.
• Help grow and evolve our delivery capability by documenting the delivery processes, feeding back lessons learned and working with the wider team in establishing best practices and repeatable processes.
• Collaborating with your peers across the Digital Intelligence business, both in Australia and overseas, to look for ways to continuously add value to the business, build your professional network, and share experiences