Role Title: Information Security Senior Consultant – Detection and Response (Europe & Americas)
Role location: London
About Westpac: Westpac is one of the world’s oldest banks and a leading financial services organisation with a strong presence across Australia, New Zealand and key international markets. We support individuals, businesses and institutions through a broad range of banking and financial solutions.
Our culture is values led and performance driven. At Westpac, success is measured by both what we deliver and how we deliver it. We focus on always delivering safely, doing the right thing, executing with excellence and delivering for customers. These outcomes are underpinned by our behaviours of Care, Listen and Act, which guide how we work together and how we build trust with our customers and communities.
About the Team: This role is a core part of Westpac’s global 24/7 cybersecurity monitoring and incident response capability - the bank’s first line of cyber defence.
How will I help?
You will be responsible for analysing and responding to potential cyber threats and attacks against our systems, staff and customers.
You will also have the opportunity to design, validate, implement and continually improve detection content, translating threat intelligence and attacker behaviours into actionable detections aligned to Westpac’s environment and cyber risk priorities.
Key Responsibilities
- Investigate and prioritise security alerts and events, supporting in-depth analysis of logs and threat information from a variety of systems and security tools, including endpoint and network devices.
- Ensure threats and alerts are prioritised based on risk, investigated and mitigated effectively and efficiently, based on available context and data.
- Apply critical thinking and an analytical mindset to guide and influence decisions where documented process is unclear or incomplete, including exceptions escalated by junior team members.
- Maintain and continually uplift SOC capability by recommending, leading and implementing operational and process improvements and contributing to the team knowledge base.
- Collaborate with local and global detection and response teams to optimise detections, integrate logic with SOAR playbooks and improve consistency, coverage and control effectiveness.
- Support proactive threat hunting to identify control gaps, emerging threats and opportunities to improve detection coverage.
What’s in it for me?
You’ll be joining a highly supportive and collaborative team with international coverage during a period of growth across Westpac’s international regions. You will work closely with experienced cyber security professionals and senior stakeholders across our global offices, supporting incident response for real world cyber incidents and operational environments.
We’re obsessed with becoming our customers' #1 banking partner for life and we’re looking for people who are passionate about helping us achieve that goal. In return, we’re committed to making Westpac the best place to work in the country. Here are just a few of the ways we’re already doing that:
- Flexible work arrangements to help you achieve a greater work/life balance, and a variety of leave options including Culture, Lifestyle and Wellbeing leave.
- Tailored learning and development opportunities to help your grow your career within the bank.
What do I need?
- 5+ years of relevant experience in a Cyber Security detection and response role
- Hands on detection engineering experience and/or related qualifications highly regarded
- Highly developed written and verbal communication, critical thinking, and analytical skills.
- Proficiency with SOC tools such as SIEM and SOAR, ideally in a corporate technology environment.
- A strong understanding of common cyber threats and attacks against financial services organisations.
- Proven ability to translate incident learnings into practical improvements in detection, response and operational resilience.
- Strong technical background, including knowledge of network technologies and protocols.
- Ability to understand business context, identify issues, and analyse and correlate information.
- Good understanding of concepts such as Cyber Kill Chain and MITRE ATT&CK framework.
- A self-leader, capable of working independently on complex tasks with minimal supervision.
How do I Apply?
Start Here. Just click on the APPLY button.