BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.

About us

The Digital Intelligence division of BAE Systems delivers solutions which protect and enhance the connected world. Everything we do creates a safer future. We help nations, governments and businesses around the world defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes.

The IR Lead role is part of our cyber security team, which delivers a diverse range of services to our clients. We support a range of organisations, from large commercial companies, to state and federal government ministries, to military divisions and elements of national security. The IR Lead will have a strong grasp of technology and the components that underpin a modern networked ICT environment, and be comfortable working with a wide range of technologies.

Our team investigates some of the most complex nation state threat actors and intrusions on a daily basis, where members of the Incident Response team are encouraged to learn about other areas of the wider business (such as Threat Intelligence and Security Testing). There will be opportunities to cross train and upskill if the successful applicant is interested.

About you

You are obviously awesome. You enjoy helping others. You are passionate about what you do. You enjoy hanging out with the team to get things done. You like the freedom to work from anywhere. You enjoy getting paid.

We are looking for candidates with a strong technical background and deep understanding of the threat landscape that can be applied during emergency response and ongoing threat research.

About the role

In this role, you will be responsible for:

• Leading the investigation of cyber-attacks against our customers as part of the global Incident Response team.
• Development of tradecraft in investigating complex attacks and mentoring of new joiners.
• Conduct forensic analysis of Windows, Linux and macOS systems.
• Perform analysis of log files such as firewall, proxy and DNS logs.
• Assessment of tools, techniques, and procedures of different actors from hacktivist to criminal to nation state.
• Supervising and mentoring junior security consultants
• Contributing to business development activities
• Collaborating with your peers across the Digital Intelligence business, both in Australia and overseas, to look for ways to continuously add value to the business, build your professional network, share experiences

About your skills:

• Strong subject matter expertise on investigating and responding to cyber intrusions.
• 5 + years' experience in investigating complex network intrusions (by state-sponsored groups or targeted ransomware attacks).
• Experience using forensic tools such as EnCase, Axiom and Cellebrite UFED.
• Awareness of EDR tools such as Crowdstrike, Carbon Black, Microsoft Defender for Endpoint and Cylance.
• Self-starter with ability to identify problems early and come up with solutions using own initiative.
• Ability to communicate complicated technical challenges in business language for a range of stakeholders from IT teams to C-level executives.
• Ability to write Incident Response reports concisely and proficiently, as well as use graphics to illustrate scenarios or datasets.

• Familiarity with the threat landscape and knowledge of threat actors and campaigns.
• Certifications such as CREST (CCIM, CCHIA, CCNIA or CCMRE) or GIAC (GCFE, GCFA, GNFA, GCIH or GREM) an advantage.

What next?

Along with our great people, we offer an attractive base salary and a very sound on-target-earnings package. You will get other benefits and the opportunity to make a significant impact in this growing market. You'll be joining a vibrant, energetic and highly skilled team, and a company dedicated to enhancing your career.

Life at BAE Systems Digital Intelligence

We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.

Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential.

Division overview: Capabilities

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector.

As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.