Cyber Threat Intelligence Manager

Date: 27-Nov-2021

Location: AU

Company: Australian Unity

  • Employ your expertise in cyber threat intelligence and incident management
  • Permanent position based in our amazing Spring St office
  • Real Wellbeing starts here


What makes us, us


Established in 1840, we’re Australia’s first member-owned wellbeing company, delivering health, wealth and care services to more than 700,000 Australians. Today, while we’ve grown to a company of more than 7000 employees, our focus remains the same as it was 180 years ago — to deliver Real Wellbeing for our customers, members and the community.


We support your Real Wellbeing so you can better support our members’ and customers’ wellbeing journey


There are four key attributes that set us apart:


  • Good people: We strive to set ourselves apart through the capability, warmth and expertise of our people.
  • Wellbeing experts: Our breadth of capability enables us to provide smart solutions and services across all domains of wellbeing.
  • Long-term commitment: As a member-owned company, we’ve been focusing on long-term outcomes and single-minded dedication to our members and customers since 1840.
  • Driving positive impact: Everything we do is focused on making a positive difference at a personal, community and societal level.


These pillars are infused with our values of bold, warm and honest


Your opportunity


The Cyber Threat Intelligence and Incident Response Manager will lead a team of cyber analysts to proactively track the tactics, techniques and procedures (TTPs) related to threat actors, campaigns and malware, providing intelligence analysis in the form of timely alerts, briefs and analytical assessments that are actionable by technical and security operations teams. The role will also be responsible for the organisation’s Security Incident Response process and will lead the investigation of security incidents, ensuring that the technical impact, root cause(s), scope and nature of each incident are determined and that recommendations to mitigate are appropriately actioned and closed.


As the Cyber Threat Intelligence and Incident Response Manager, you will work with the team alongside technical experts, providing SME support on a range of complex problems. This will include cross-team working with other teams within our business, and with client teams and stakeholders, including senior executives. The ability to act as a cyber technical lead across the immediate team, and other senior and lead investigators, and into the wider business is key to this role. You need to be highly analytical and a strong investigator who can lead and investigate fast-moving and complex security incidents; experience of running and managing multiple incidents is essential.


Key Accountabilities


  • Collect, analyse, and interpret qualitative and quantitative, technical and non-technical data from multiple sources
  • Conduct security research – identify and navigate relevant online forums, including Web sites, social media, and traditional sources to support research and analysis
  • Focus on threats related to information technology environments and produce actionable intelligence in a clear and concise manner
  • Report top threats by providing awareness, indications, warnings, and operational readiness briefings
  • Perform open source intelligence (OSINT) collection and analysis, identifying indications of cyber threats, malicious code, malicious websites, and vulnerabilities
  • Conduct Threat Intelligence activities, including advanced techniques to investigate potential security incidents
  • Manage timely cyber security incident response advanced investigations, including network and endpoint forensic acquisition and analysis, memory analysis, analysis of various security logs (endpoint, security appliances, SIEM) and malware reverse engineering
  • Determine technical/operational impact, root cause(s), scope and nature of the incident to mitigate risk and provide advice on remediation or recommendations
  • Provide timely, comprehensive and accurate information to the Chief Information Security Officer in both written and verbal communications
  • Drive a genuinely customer-centric culture through sustained leadership commitment
  • Act in accordance with and be an advocate of the Australian Unity values and way of being


About you


We are searching for a professional who will join us in striving to live our values of bold, warm and honest, in everything we do.


Your expertise and qualifications will include:


  • Experience of working within the cyber security field and incident response as a Cyber Security Incident Response Analyst, performing incident handling, evidence acquisition, endpoint and network digital forensics, chain of custody, sensor alert tracking and cybersecurity incident case management
  • Minimum of 6 years’ experience is required in an IT related discipline, IT Security, IT audit, or IT Risk Management and industry experience relevant to Australian Unity’s business portfolio is preferred
  • Understanding of the Kill Chain and MITRE ATT&CK techniques
  • Experience working with security technologies such as IDS/IPS, firewalls, SIEM, network packet analysers, antivirus, network behaviour analysis tools, malware analysis, DLP, endpoint protection, log collection and analysis
  • Strong working knowledge of security relevant data, including network protocols, ports and common services such as TCP/IP protocols and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, etc.)
  • Hands-on experience with scripting languages such as Python, Perl, Bash, PowerShell or similar
  • Knowledge of Cloud security and incident response in a Cloud environment
  • Relevant tertiary qualifications required and professional certifications (e.g. CISSP, CISM, CISA, CRISC) preferred
  • A strong working knowledge of risk management legislation, relevant prudential standards, Australian standards and Regulatory Guides, is required




Our people make a real difference in the wellbeing of customers and members every day. Our ambition to be the most trusted wellbeing company in Australia therefore means that wellbeing starts with our people. Our credentials in wellbeing stretch back more than 180 years.


To ensure the safety and wellbeing of our people, customers and community, Australian Unity requires that all employees and contractors must be fully vaccinated against COVID-19 by no later than 31 December 2021 as a condition of entry of any Australian Unity workplace. In order to progress your application, you will need to provide evidence of your COVID-19 vaccination status, proof of booking for the COVID-19 vaccination, or medical exemption certificate from a registered medical practitioner. Thank you for your understanding.


Australian Unity is an Equal Opportunity employer and we encourage applications from all members of the community, including people of Aboriginal and Torres Strait Islander descent, culturally and linguistically diverse backgrounds, and mature-aged people.


Should an applicant be the preferred candidate, background checks (including police checks, reference checks, ASIC banned and disqualified persons and bankruptcy checks) will be completed prior to the candidate's employment being confirmed. The outcomes of the background checks do not automatically bar candidates; however, they will be assessed against the inherent requirements of the job.


Recruitment Agencies


Please be advised that Australian Unity does not accept unsolicited resumes from Recruitment Agencies. Australian Unity will not recognise an entitlement to an introduction or placement fee unless the Agency has been briefed by a member of the Talent Acquisition team on a specific position for which we have requested candidates.