CrawlJobs Logo
Randstad Logo Randstad · IT - Software Development

Senior Cyber Incident Response Specialist

Australia, Sydney 146197.00 - 154260.00 AUD / Year · Job Posted May 03, 2026

Job offer has expired

Job Link Share

Job Description

This senior, hands-on role offers the chance to lead complex forensic investigations in a cooperative, important environment. Reporting to the Associate Director of Cyber Operations, you will act as a technical lead for high-priority incidents.

Job Responsibility

  • Lead end-to-end incident investigation, containment, and forensic analysis
  • Coordinate with third-party security partners and manage stakeholder communications
  • Deliver post-incident reporting and mentor junior security analysts
  • Manage security controls and participate in a weekly first responder rotation

Requirements

  • 4-5+ years in Incident Management and Cyber Security Operations
  • GCIH, GCFA, or similar SANS qualifications are highly preferred
  • Strong forensic expertise and the ability to translate technical data for executives
  • This role requires Australian Citizenship to ensure eligibility for security clearances
  • 4 years experience
  • Incident Response
  • Digital Forensics
  • GCIH
  • GPEN
  • GCFA
  • SANS Certified Incident Handler
  • SANS Certified Forensic Analyst
  • Bachelor Degree

What we offer

  • Hybrid work with only 1 day on-site per week
  • Attractive on-call allowances and overtime pay
  • Lead investigations for a complex ICT environment
  • Supportive team culture with internal promotion paths
  • Mentor junior analysts in a collaborative environment
Randstad - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Cyber Incident Response Specialist

8 matching positions

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

The Senior SOC Analyst will play a crucial role in enhancing security operations...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be able to obtain SC Clearance or already hold SC clearance
  • SIEM Expertise: Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
Read More
Arrow Right

Senior Cyber Security Specialist - Vulnerability Management

We are seeking a seasoned cyber security professional to lead the Vulnerability ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Possess over 10 years of IT experience with a strong focus on cyber security, vulnerability management, and remediation
  • Proficient in tools such as QualysGuard VMDR, WAS, and cloud scanning solutions
  • Skilled in web application penetration testing and knowledgeable in OWASP, Kali Linux, Burp Suite, CVE, SSL PKI, IAM, SIEM, and perimeter security
  • Experienced in managing large-scale vulnerability scanning operations and reporting
  • Strong stakeholder management and communication skills
  • Solid understanding of networking and cyber security policies, standards, and procedures
Job Responsibility
Job Responsibility
  • Lead the Vulnerability Management and Responsible Disclosure team to strengthen Vodafone’s cyber defence capabilities
  • Drive vulnerability management initiatives, ensuring timely identification, communication, and remediation of threats
  • Oversee penetration testing activities related to responsible disclosures and support incident response during crises
  • Research emerging threats, including zero-day vulnerabilities, and ensure targeted scans and mitigation actions
  • Champion continuous improvement through automation and cross-functional collaboration
  • Act as a technical expert in security scanning and penetration testing
  • Foster team development through individual growth plans and maintain high engagement levels
  • Contribute to administrative and delivery initiatives across domains
What we offer
What we offer
  • Opportunity to lead a high-impact domain within a global cyber security function
  • Exposure to cutting-edge vulnerability management tools and practices
  • Collaboration with international teams and stakeholders across Vodafone markets
  • A chance to influence Vodafone’s cyber risk strategy and operational resilience
  • A dynamic and inclusive work environment that values innovation and continuous improvement
  • Fulltime
Read More
Arrow Right

Senior Information Security Incident Response Lead

The Senior Information Security Incident Response Lead is responsible for managi...
Location
Location
Mexico , Mexico
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
  • Advanced experience in a Technology Information Security Industry
  • Advanced experience or knowledge of SIEM and IPS technologies
  • Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors
  • Advanced understanding of End Point Protection Software
  • Advanced understanding of Enterprise Detection and Response software
  • Advanced knowledge of technological advances within the information security arena
Job Responsibility
Job Responsibility
  • Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated
  • Performs access management activities according to the policy
  • Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses
  • Interacts with a global team of Cyber Security Analysts and specialists
  • Manages 2nd level triaging of security alerts, events, and notifications
  • Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees
  • Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified
  • Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintains an understanding of current and emerging threats, vulnerabilities, and trends
Read More
Arrow Right

Information Security Senior Specialist

The Cyber Defense & Incident Responder is responsible for monitoring, analyzing,...
Location
Location
United States , Merrifield
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information technology, cybersecurity, data science, information systems, or computer science
  • Education Equivalency: One-and-one- half (1.5) years of additional experience can substitute for one (1) year of a typical degree program
  • Minimum 6 years of experience in Information Technology (IT) and/or Information Security (IS)
  • DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding
  • Ability to obtain a interim Secret Security Clearance and must be eligible for a Top-Secret clearance if requested
Job Responsibility
Job Responsibility
  • Monitor enterprise security systems and analyze alerts to identify potential cybersecurity incidents
  • Perform initial triage and analysis of security events to determine scope, severity, and urgency
  • Execute incident response actions in accordance with established procedures
  • Document and communicate incident findings to support resolution and improvement efforts
  • Maintain SOC processes, tools, and playbooks to ensure effective incident handling
  • Participate in training, exercises, and knowledge-sharing to strengthen response readiness
  • Stay informed on current and emerging cyber threats relevant to the organization’s environment
Read More
Arrow Right

Senior Specialist, Security Operations and OT Cybersecurity

This position will lead regional security operations and help expand and mature ...
Location
Location
United States , Princeton
Salary
Salary:
120000.00 - 140000.00 USD / Year
rennerbrown.com Logo
Renner Brown
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of cybersecurity operations experience, with direct involvement in SOC management, incident response, and threat detection
  • Demonstrated hands-on experience in OT/ICS environments within manufacturing, utilities, or other regulated sectors
  • Proven ability to lead cross-functional investigations and vendor-driven engagements in complex enterprise environments
  • Knowledge of relevant cybersecurity frameworks, such as NIST CSF and ISA/IEC 62443, and their application in industrial and regulated settings
  • Strong analytical and communication skills, with the ability to work effectively across technical and business teams
  • Expertise in Security Operations and Incident Response, including triage, investigation, containment, and recovery across IT, OT, and cloud domains
  • Hands-on experience with SOC technologies, including SIEM, SOAR, EDR/XDR, and forensic analysis platforms
  • Strong background in OT/ICS cybersecurity, securing SCADA, PLCs, and manufacturing systems using frameworks such as ISA/IEC 62443 and NIST CSF
  • Familiarity with threat detection engineering, use case development, and integration of threat intelligence into monitoring workflows
  • Experience collaborating on vulnerability management and remediation across IT and OT environments
Job Responsibility
Job Responsibility
  • Lead incident response activities for the region, coordinating with global teams for investigation, escalation, and remediation across IT, OT, and cloud environments
  • Manage and continuously improve security monitoring and detection to ensure high-quality visibility and responsiveness
  • Build and mature OT cybersecurity capabilities, partnering with manufacturing, infrastructure, and operations teams to secure industrial control systems, SCADA, PLCs, and laboratory environments
  • Manage and hold vendors accountable for activities such as threat hunting, penetration testing, and forensic analysis, ensuring service quality and effective outcomes
  • Drive the execution of global SOC playbooks, escalation procedures, and threat intelligence integration
  • Support remediation and post-incident activities to strengthen resilience across technology domains
  • Develop, maintain, and enhance operational runbooks and processes to support consistent, repeatable cyber defense practices
  • Collaborate with IT, engineering, and compliance teams to uphold corporate and regulatory security standards
What we offer
What we offer
  • annual performance bonus and comprehensive benefits package
  • Fulltime
Read More
Arrow Right

Senior Specialist, Security Operations and OT Cybersecurity

This position will lead regional security operations and help expand and mature ...
Location
Location
United States , Princeton
Salary
Salary:
120000.00 - 140000.00 USD / Year
rennerbrown.com Logo
Renner Brown
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of cybersecurity operations experience, with direct involvement in SOC management, incident response, and threat detection
  • Demonstrated hands-on experience in OT/ICS environments within manufacturing, utilities, or other regulated sectors
  • Proven ability to lead cross-functional investigations and vendor-driven engagements in complex enterprise environments
  • Knowledge of relevant cybersecurity frameworks, such as NIST CSF and ISA/IEC 62443, and their application in industrial and regulated settings
  • Strong analytical and communication skills, with the ability to work effectively across technical and business teams
  • Expertise in Security Operations and Incident Response, including triage, investigation, containment, and recovery across IT, OT, and cloud domains
  • Hands-on experience with SOC technologies, including SIEM, SOAR, EDR/XDR, and forensic analysis platforms
  • Strong background in OT/ICS cybersecurity, securing SCADA, PLCs, and manufacturing systems using frameworks such as ISA/IEC 62443 and NIST CSF
  • Familiarity with threat detection engineering, use case development, and integration of threat intelligence into monitoring workflows
  • Experience collaborating on vulnerability management and remediation across IT and OT environments
Job Responsibility
Job Responsibility
  • Lead incident response activities for the region, coordinating with global teams for investigation, escalation, and remediation across IT, OT, and cloud environments
  • Manage and continuously improve security monitoring and detection to ensure high-quality visibility and responsiveness
  • Build and mature OT cybersecurity capabilities, partnering with manufacturing, infrastructure, and operations teams to secure industrial control systems, SCADA, PLCs, and laboratory environments
  • Manage and hold vendors accountable for activities such as threat hunting, penetration testing, and forensic analysis, ensuring service quality and effective outcomes
  • Drive the execution of global SOC playbooks, escalation procedures, and threat intelligence integration
  • Support remediation and post-incident activities to strengthen resilience across technology domains
  • Develop, maintain, and enhance operational runbooks and processes to support consistent, repeatable cyber defense practices
  • Collaborate with IT, engineering, and compliance teams to uphold corporate and regulatory security standards
What we offer
What we offer
  • annual performance bonus
  • comprehensive benefits package
  • Fulltime
Read More
Arrow Right

Physical Security Specialist

Whitehall Resources are currently looking for a Physical Security Specialist bas...
Location
Location
United Kingdom , Cambridge
Salary
Salary:
Not provided
whitehallresources.com Logo
Whitehall Resources Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong strategic and operational Physical Security expertise
  • Ability to build structure in an evolving environment
  • Confident engaging senior stakeholders and influencing across teams
  • Able to translate physical risk into business and cyber context
  • Strong vendor management and delivery focus
  • Collaborative approach across Enterprise Security, Workplace and other key stakeholders
  • Recognised Physical Security certification (CPP, PSP, CSMP desirable)
  • Experience in multinational or technology-led organisation
  • Familiarity with enterprise risk and compliance frameworks
  • Programme / project management experience beneficial
Job Responsibility
Job Responsibility
  • Establish and mature Physical Security capability within Enterprise Security
  • Support development of Physical Security strategy aligned to enterprise risk appetite
  • Develop Physical Security policies and standards: Zoning, access control, CCTV, PSOC, incident management
  • Define Physical Security architecture and secure-by-design reviews. Providing strategic access control and identity management to ensure the right people have the right access to the right places, reducing insider and unauthorised access risk
  • Produce site assessment model, using a tiered approach and deliver assessment of top tier sites
  • Establish Physical SOC operating model, response playbooks, and escalation framework
  • Integrate physical incident response with cyber and crisis management
  • Lead Physical Security technology strategy and vendor governance
  • Deliver gap analysis and define target-state “what good looks like”
  • Provide executive reporting framework on physical risk posture
Read More
Arrow Right