Reserve Bank of Australia
We are Australia's central bank. We conduct monetary policy, work to maintain a strong financial system and issue the nation's currency.
The Reserve Bank of Australia is hiring for a Manager, Cyber Threat Intelligence to join a skilled team on a permanent basis. In this role you will lead and deliver a comprehensive cyber threat intelligence program, ensuring alignment with the organisation’s cybersecurity strategy. You will provide expert technical leadership and subject matter expertise, managing a high-performance team delivering the full spectrum of cyber threat intelligence services across the organisation.
Your Team
Reporting to the Chief Information Security Officer, you will lead a small team of cybersecurity and threat intelligence experts, part of a larger multi-disciplinary security services team. There is a strong culture for collaboration, innovation and celebrating personal successes. The team is constantly looking to improve and welcomes fresh perspectives and ideas.
Key Responsibilities
- Define, lead and mature the Reserve Bank of Australia’s Cyber Threat Intelligence program, including the development and execution of a long-term cyber threat intelligence strategic plan and roadmap, in alignment with the organisation’s overall cybersecurity strategy.
- Apply your threat intelligence expertise to plan, collect against, research, analyse and build a deep technical understanding of the nature of cyber threats relevant to the Australian Government, Central Bank, the Financial Sector and Critical Infrastructure.
- Produce and disseminate contextualised, relevant and timely strategic, operational and tactical (technical) cyber threat intelligence products and services to internal and external stakeholders, with the aim of reducing cyber risk, and enabling the effective prioritisation of security work.
- Contribute to, collaborate on and lead intelligence support to the investigation of suspected and actual threat activity, supporting the RBA Security Operations Centre.
- Represent the RBA at various domestic and international security and cyber threat intelligence forums, conferences and events, remotely or in person.
- Support cross-functional responsibilities and other duties as directed by the Chief Information Security Officer (CISO).
Your Background
We are looking for a candidate that is passionate about cyber security and technology and enjoys sharing that passion with others. Previous experience in a Cyber Threat Intelligence or another Intelligence role is highly desirable. Alternatively, experience leading other IT Security functions such as Cyber Risk, DFIR, SOC, Red Team or Leadership will be highly regarded.
To be successful in this critical role you will possess:
- At least 3 years' experience in a dedicated cyber threat intelligence or another intelligence role, with a background in applying intelligence to support tactical, operational and strategic decision making.
- Alternatively, a minimum of 5 years' experience in an adjacent (cyber security or information technology) discipline.
- Detailed knowledge and technical understanding of the threat landscape, threat actors, attack patterns, adversarial behaviours and tradecraft.
- Familiarity with common Cyber Threat Intelligence concepts, taxonomies and analytical frameworks.
- A broad understanding of general cybersecurity and information technology topics, principles and regulations relevant to a modern enterprise environment.
- Strong presentation, written and verbal communication skills.
- Demonstrable experience managing key stakeholder relationships.
- Experience using one or more of the following technologies: SIEM, SOAR, Vulnerability Scanners, ASM tools or TIPs.
- A keen eye for opportunities to improve or automate existing workflows and processes.
It is desirable that the ideal candidate will have undertaken, or be in the process of undertaking at least one of the following certifications or associated courses (or similar):
- Bachelor's degree in a relevant field, or equivalent practical experience.
- CREST Registered Threat Intelligence Analyst (CRTIA).
- SANS487: Open-Source Intelligence Gathering and Analysis.
- MITRE ATT&CK Defender Certifications.
- Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM).
A security clearance is required for this role and therefore we can only accept applications from Australian Citizens.
Working Arrangements
Travel may be required. Potential requirement to provide on-call or shift support outside of normal business hours. Potential requirement to work irregular hours, including weekends, and public holidays with minimal notice.