Macquarie Group
Sydney, NSW, SYDNEY, Australia
Job Type


About the job


Join Macquarie’s Cyber Threat Incident Response (CTIR) team based in our Sydney office as a Cyber Threat Defense Analyst. In this role, you will be working alongside a diverse team in multiple offices around the globe and be responsible for detecting, identifying, triaging, and mitigating threats and risks in our global cyber environment. You will also act to ensure that Macquarie’s digital estate is protected from threats both known and unknown.

Your first-class technical skills are required to continuously identify, assess, and manage threats relative to the corporate risk appetite by leveraging technology and your experience to analyze data. Experience in log aggregation and analysis will be crucial in detecting and triaging potential or active security incidents.

Using your attention to detail and data driven approach you will act as an expert for the CTIR function to provide leadership, focus, and accountability for CTIR activities.

Your understanding of cyber threat as a function of human motivation, combined with your experience in actively detecting and defending against that threat utilizing a combination of standard cyber tools and your own system/platform/network knowledge, will be highly beneficial in this role alongside your similarly skilled and experienced peers.

To be successful in this role you must have a minimum of 5 years of related security or operational experience in large enterprise environments, as well as operational experience across Windows, UNIX, networking and hosting domains. Experience and a strong understanding of security technology and defense topologies are imperative to be successful in this role.

What is the job?

  • Triage active alerts and campaigns for potential systemic threats to our global business
  • Proactively seek out suspicious activity and threats within the environment, act appropriately to contain and mitigate them
  • Perform real-time detection, analysis, and response to threats via an EDR tool
  • Analyze latest malware discoveries/shifts to understand how/if it would be effective in the environment
  • Create new alerts and investigation methods in relation to the ever-changing threat landscape
  • Analyze attacks and trends facing the organization and industry to better define proactive defensive measures
  • Track, provide, and present analysis into observed attacks against Macquarie
  • Investigate threat actor activity and discover their infrastructure, motivations, and potential future actions
  • Take proactive actions to have observed brand impersonating and malicious sites removed
  • Discover internal security concerns and raise findings with the appropriate internal teams
  • Review processes, defense plane, technologies, and alerts in search of improvement

What the ideal candidate should know/have experience with:

  • Splunk or other large log aggregation system
  • An Endpoint detection and response (EDR) platform
  • A Security Orchestration, Automation, and Response platform (SOAR)
  • Email gateway security controls
  • How to chase actors beyond these tools
  • Analyzing Emails (e.g reading and understanding email headers, infrastructure)
  • Knowledge and experience decoding and deciphering malicious code
  • Analytical mindset
  • Offensive Security/Adversarial mindset
  • Scripting language understanding (Python, Powershell, etc.)
  • Malware analysis (manual, static, and dynamic)
  • Familiarity with various network and cloud architectures
  • Identity and Access Management (IAM)
  • User and Entity Behavior Analytics (UBA/UEBA)
  • Familiarity with the MITRE Att&ck framework

About The Corporate Operations Group

The Corporate Operations Group brings together specialist support services in Digital Transformation & Data, Technology, Operations, Human Resources, Business Services, Corporate Strategy & Solutions, and the Macquarie Group Foundation. We deliver service excellence to ensure Macquarie is open for business, deliver on transformational change, invest in our people and have deep relationships with our customers.

Our commitment to Diversity, Equity and Inclusion

The diversity of our people is one of our greatest strengths. An inclusive and equitable environment enables us to deliver innovative and sustainable outcomes for our people, clients, shareholders and communities. From day one, you'll be encouraged to be yourself and supported to perform at your best. If our purpose of ‘empowering people to innovate and invest for a better future’ is as inspiring to you as it is to us, please apply. With the right technology, support and resources, our people can work in a range of flexible ways.

We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We encourage candidates to speak with a member of our recruitment team if you require adjustments to our recruitment process to support you, and the type of working arrangements that would help you thrive.

About Macquarie

A career at Macquarie means you’ll have the opportunity to develop and utilise new skills, explore interesting fields and do challenging work that will impact the lives of people around the world—whether it’s accelerating the green energy transition, helping sustain global food supplies, financing social housing projects or investing in essential infrastructure. At Macquarie, we’re empowering people to innovate and invest for a better future.

Our size and international presence means your work can take you anywhere—across business groups, disciplines, sectors and borders. With 18,000+ employees and offices in 33 markets around the world, we’re a truly global organisation.

You’ll be supported by a diverse team where the unique perspectives, ideas and experiences that all of our people bring are valued. You’ll be empowered to address unmet needs in our communities whilst advising and investing alongside our clients and partners. Working with us, you’ll have the opportunity to make a difference.

Macquarie is a global financial group providing clients with asset management, retail and business banking, wealth management, leasing and asset financing, market access, commodity trading, renewables development, specialist advisory, capital raising and principal investment.

Find out more at

Job no: COG-970535

Work type: Permanent - Full time

Location: Sydney

Category: Mid-level, Technology

Group: Corporate Operations Group

Division: Technology

Recruiter: Madhura Velhal

Opening Date: 21/12/2022

Drop files here browse files ...

Related Jobs

IT Service Desk Analyst   Sydney, New South Wales, Australia, SYDNEY, Australia
Level 2 IT support - MSP   Sydney, New South Wales, Australia, SYDNEY, Australia
Cyber Threat Hunting and Incident Response (experienced )   Canberra, Australian Capital Territory, Australia, CANBERRA, Australia
Senior Consultant, Cyber Threat Intelligence   Melbourne, Victoria, Australia, MELBOURNE, Australia
Threat Intelligence Analyst   Melbourne, Victoria, Australia, MELBOURNE, Australia