Senior / Cybersecurity Incident Responder
Remote - Wellington, Wellington, New Zealand
Datacom
We work across Australia and New Zealand to make a difference in people’s lives by turning the imaginable into reality.Our purpose
Here at Datacom, we connect people and technology in order to solve challenges, create opportunities and discover new possibilities for the communities we live in.
Our team
Our Cyber Defence Operation Centre (“CDOC”) runs across Auckland, Wellington and Brisbane from where we provide our full stack of Cybersecurity Managed services.
The CDOC is a well-established team made up of Cybersecurity Analysts, Engineers, Dev Engineers , and Incident Responders who have been managing customers, both commercial and government, for over 10+ years. We are a matured operational team that not only responds to security events, incidents, and triggers, but also hunts for anomalous, suspicious, and potentially unwanted activities within our customers environments.
We Partner with industry leaders to provide our services and to provide you with a broad technical skillset, certifications, and experience.
This is an exciting time of growth, and our driven team need to grow to meet the increased demand and activity.
About the Role
This role can be worked in any one of our New Zealand offices across the North and South Island please apply to find out more
The Cybersecurity Incident Responder is a key part of Datacom's Incident Response Team (CSIRT) within the Cyber Defence Operations Centre (CDOC). You will be responsible for supporting the delivery of Cybersecurity Incident Response client engagements, as well as helping to develop and grow the CSIRT capability.
No two incidents are the same and your work will cover all aspects of the incident response lifecycle, from initial identification and first response through to post incident reviews and incident close-out.
What you’ll do
You will respond to Cybersecurity Incidents across our Customers and the Datacom Group. This work will involve incident handling activities (such as data collection, analysis and event correlation) and incident management tasks depending on the nature and severity of the incident.
Typical activities include:
- Production and maintenance of Incident Action Plans, Reports and SITREPS in support of the response activities.
- Support / coordination of containment, eradication and recovery efforts based on available information and established processes.
- Facilitation of communication between stakeholders and external parties, including updating stakeholders on the status of the containment, eradication, and recovery efforts.
- Identification of intrusion vectors / root causes and develop recommendation actions to prevent similar incidents.
- Analysis of incident response effort, with feedback from the customer and third parties as part of Post Incident Reviews (PIRs) and Lessons Learned.
- Delivery of Proactive Incident Response Services which include Table-Top Exercises, Threat Hunting and Incident Preparedness Reviews.
- Work with other members of the CSIRT team, to help to continue to develop the technical capabilities of the CSIRT - including improving the processes and technology to deliver successful outcomes to clients and stakeholders.
What you’ll bring
- A genuine passion for Cyber Security including ability and willingness to learn, self-manage, be proactive, and demonstrate empathy towards fellow team members, customers, and stakeholders during Incident Response engagements.
- Confidence in communicating with a variety of stakeholders, including Senior Management in difficult / tense situations.
- An understand of the tools, techniques, and procedures that modern attackers use to compromise organisations.
- An understanding of various security frameworks and methodologies such as NIST CSF, MITRE ATT&CK and D3FEND, Unified Kill Chain and OWASP Top 10.
- Understanding of key system / digital forensics artifacts and how they are useful in a cyber security investigation.
Proven experience in a cyber security or technical IT role such as the below are highly desirable:
- Digital Forensics / Incident Response
- Cyber Threat Intelligence / Cyber Threat Hunting
- Penetration Testing / Red-team
- Security Operations
- Security Architecture
- IT Operations / Networks
- Basic scripting or programming skills are desirable (for example PowerShell, Bash, Python, Ruby, etc)
The Nitty Gritty
We have over 6,200 people across our global offices, and generate an annual revenue of over $1.2 billion, this makes us one of Australasia’s largest professional IT services companies. We have extensive expertise in operating data centres, providing IT services, software engineering and application management, as well as payroll and customer service design and operations. With this comes a long list of significant clients Datacom is committed to hiring, developing, and promoting the best talent from a diverse range of backgrounds. We are local at heart, yet world-class in capability.
If you are keen to be part of a great team, please apply online! All applications will be treated in the strictest confidence.
Due to the Nature of the Clients you will be working with you will need to be an NZ Citizen/Permanent Resident and have the ability to pass additional security clearances which will require you to have lived in a 5 eyes country for the last 5 years. We do however consider work visas for other opportunities across Datacom so please keep an eye on our careers page for any roles of interest.
Datacom is committed to the health and safety of its people and the wider community. Based on our site access requirements for this role, and/or potential customer site and customer’s vaccination requirements which are constantly developing, the successful applicant will need to be able produce evidence of being fully vaccinated against COVID-19, or a valid exemption. Datacom will consider whether any accommodations can be made for candidates who are partially vaccinated (with remaining vaccine doses booked), or who are unable to be vaccinated against COVID-19 and hold a valid exemption.
Tags: Bash CSIRT Forensics Full stack Incident response MITRE ATT&CK NIST OWASP Pentesting PowerShell Python Ruby Scripting Threat intelligence
Perks/benefits: Career development Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs