Manager of Cyber Security Incident Response
University of New South Wales
Australia

• Permanent opportunity/ Newly created role
• Flexible working arrangements
• Attractive salary

The role of Manager, Cyber Security Incident Response will lead an experienced CSIRT team responsible for managing all aspects of the incident response process operating under a hybrid operating model working closely together with our external Managed Security Service Providers (MSSP).

The position requires expert knowledge and significant experience in:

- Handling major cyber security incidents.

- Relevant security technologies (SIEM, EDR, NGFW, etc.) across contemporary computing, storage, and service environments including on-premises, public, and hybrid cloud.

- Threat intelligence, digital forensics, penetration testing, vulnerability scanning, and cyber security frameworks.

- Hybrid delivery models and management of MSSP partners.

- Security Operations Centre (SOC) service delivery

The Manager, Cyber Security Incident Response will possess strong interpersonal skills to effectively communicate, interact, and engage with our partners, vendors internal, and external stakeholders as required to resolve incidents. Additionally, the role is expected to document incident reports, playbooks, processes, and plans using established templates and frameworks in line with industry best practices.

The role reports directly to the Head of Cyber Security Operations. There will be a team of Senior Specialists reporting to the Manager, Cyber Security Incident Response. Reporting, role types and quantity of direct reports will evolve over time to meet the University demands and requirements

Specific accountabilities for this role include:

• Lead an internal team of CSIRT Senior Specialists providing incident response, threat hunting, threat intelligence, and digital forensics services under a hybrid operating model
• Manage and co-ordinate operational and response activities between UNSW and our external MSSP partners providing 24x7 SOC and MDR services
• Escalation point for cyber security incidents impacting the organisation, coordinating communications and response activities together with other operations teams.
• Manage investigations and ensure resources are appropriately assigned to perform actions in partnership with UNSW IT, Faculties, Divisions, Legal, HR, external partners, and other stakeholders as required.
• Document all activities taken during an incident into technical and executive reports in accordance with established processes, standards, and frameworks
• Present security reports on a regular basis analysing trends, patterns, and insights to provide recommendations

Skills and Experience

• Minimum 8 years of industry experience in cyber security incident response, with a minimum 5 years of management experience in a cyber security environment or in a senior support role
• Strong technical skills and operational experience in the management, configuration, and support of security controls including network security, endpoint security, application security, data protection, and/or identity and access management.
• Comprehensive analytical and problem-solving skills and proven capacity to exercise initiative, flexibility and to be proactive in development of robust solutions to problems.
• Strong consultation, influencing and negotiation skills and proven ability to engage effectively with diverse stakeholders to achieve successful outcomes.
• Strong written and verbal communication skills, with a high level of attention to detail for deliverables produced.
• Demonstrated success working effectively and collaboratively on initiatives with a range of people at different levels within an organisation.

Contact:

Ralph Hitti, Talent Acquisition Consultant

E: ralph.hitti@unsw.edu.au

________________________________________

Find out more about working at UNSW at your Faculty/Division web address

UNSW is an equal opportunity employer committed to diversity