Lead Engineer, Cyber Security, Incident and Threat Responder
Job Description
Job Description :
Lead Engineer, Cyber Security, Incident and Threat Responder
Team: News Corp - Cyber Defense
Location: APAC - AEST Timezone
Hours: 9am-5pm (AEST)
As a Cyber Defence Generalist within the Cyber Defense team, we are looking for a person who is able to engage and protect the organization across multiple areas of the security environment. Their responsibilities include identifying and responding to cyber security events, investigating incidents across different systems and technologies, documenting findings, and communicating relevant information to stakeholders to support timely and informed decision making.
This person will contribute to the development and continuous improvement of incident response processes and helps ensure the organization is prepared to respond effectively to cyber threats. This includes supporting the creation of response plans and participating in exercises that test and strengthen the organization’s readiness.
The primary focus of this role is to reduce the impact of active security incidents through effective investigation, coordination, and response. In addition, the person works proactively to improve the organization’s ability to prevent, detect, investigate, respond to, and recover from cyber security threats across the broader technology environment.
Responsibilities
Support internal incident response engagements across News Corp Business Units by helping teams understand, mitigate, and remediate cyber threats and risks.
Conduct complex technical analysis during incidents and develop evidence based conclusions from multiple data sources.
Continuously monitor for and investigate internal and external threats using industry leading security technologies.
Contribute to the overall security mission by correlating diverse sources of data, analyzing evidence, determining appropriate remediation strategies, and coordinating actions until incidents are fully contained and resolved.
Establish and maintain high standards for incident documentation, ensuring that investigative activities are clearly recorded, incident reports are comprehensive, and post-incident reviews capture lessons that improve the organization’s defensive posture.
Drive continuous improvement through collaboration with threat simulation teams, security architecture, detection and response engineering, and business unit stakeholders.
Lead and support the development of improved approaches to detecting, responding to, and eradicating advanced threats. This includes identifying opportunities to enhance response speed, improving analyst effectiveness, and integrating automation and orchestration where appropriate to streamline investigation and remediation activities.
Maintain awareness of evolving attacker techniques through ongoing research into security tools, techniques, and procedures.
Communicate incidents clearly and effectively to stakeholders across the organization.
Skills
The ideal Incident and Threat Responder will have a proven track record of working within the Security Incident Response space. A broad range of Cloud Security expertise is of interest. This role is looking for practical experience (hands-on) in most of the following areas:
Familiarity with the tactics, techniques, and procedures commonly used by threat actors, including an understanding of attacker motivations and how adversary behavior appears across modern enterprise environments.
Strong technical communication skills, both written and verbal, with the ability to brief executive leadership during security incidents and collaborate with technical teams to resolve complex security issues, including during time sensitive or high pressure situations.
Ability to present technical subject matter to senior leadership and translate complex security concepts for audiences with varying technical backgrounds and levels of expertise.
Broad, full stack security knowledge enabling analysis of attacks that span networks, infrastructure, compute platforms, and applications.
Familiarity with scripting or development using modern languages such as Python, Go, or Ruby to support investigation, automation, and operational efficiency.
Understanding of modern application architectures including serverless environments, mobile platforms, and distributed systems.
Experience supporting incident response activities in cloud environments, such as in security operations, incident response, or security engineering roles.
Experience working with public or private cloud environments, with preference for experience in AWS.
Strong operating system knowledge across enterprise platforms including RHEL, Ubuntu, and Windows Server.
Understanding of host based security controls and endpoint security tooling used to detect and investigate malicious activity.
Ability to identify network based attacks and systemic security issues related to threats and vulnerabilities, with the capability to recommend practical remediation or defensive improvements.
Strong analytical and problem solving skills, with the ability to apply conceptual thinking and attention to detail during investigations and analysis.
Ability to work effectively with peers across technical teams and collaborate with multiple levels of management within the organization.
Strong organizational skills with the ability to balance and prioritize competing operational priorities in a dynamic security environment.
Excellent written and verbal communication skills that support effective interaction with stakeholders across technical, operational, and leadership teams.
Highly self motivated with the ability to identify areas requiring attention and proactively address new challenges with minimal direction.
Experience
Multiple years of cyber security experience.
Preferably 5 years specializing in incident response and system monitoring and analysis, leading investigations and coordinating security response team activities.
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent work experience.
Experience with security frameworks and privacy compliance requirements (ISO 27001, NIST CSF, GDPR, etc.).
Knowledge of multiple computing platforms, including Network, Windows, OSX, Linux, Unix, networks and endpoints.
Expertise using Security Correlation and Analytics platforms / SIEM platforms.
Preferred certifications: GCFA, GCFE, CFCE, CDFE, CHFI or other forensic related certifications
About News Corp
News Corp is a global, diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers throughout the world. The Company comprises leading businesses across a range of media, including: news and information services, digital real estate services, book publishing, digital education, and sports programming and pay-tv distribution.
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status or any other protected characteristic.
Reasonable Accommodation
We are committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application or participating in an interview due to a disability, email us at [email protected]. Please put "Reasonable Accommodation" in the subject line and provide a brief description of the type of assistance you need. This inbox will not be monitored for application status updates.
Please refer to the privacy notice at the bottom of this page for submitting any data access, deletion, or other data subject rights requests, where permitted under your local laws and regulations.