About the role: Senior Cyber Incident Response Specialist
Reporting to the Cyber Defence Leader, the role will strengthen EnergyAustralia's cyber defence capability by leading the investigation and response to complex security incidents across IT and OT environments. Responsibilities include:
- Drive the improvement of detection logic, response playbooks, and operational processes, and guide less experienced team members to build a resilient and effective incident response function
- Monitor adherence to established governance frameworks, escalation procedures, and service level expectations, identifying and raising gaps
- Support and develop personal technical capability in line with the evolving threat landscape and team skill requirements
- Lead incident detection and response, performing analysis across logs, endpoint telemetry and network data
- Lead post-incident reviews, root cause analysis, and lessons learned documentation to support continuous improvement of the incident response function
Be Impactful when you are applying…
You’re an experienced incident response specialist with experience across similar complex corporate environments. Additionally, you will also have most of the following:
- Bachelor’s degree in Cybersecurity or CompSci and/or relevant certifications such as GCIH, GCFA or CompTIA highly regarded
- 5+ years of hands-on experience in security incident response or security operations, including experience leading investigations in complex environments.
- Extensive experience with SIEM platforms (Microsoft Sentinel, Splunk, or similar), EDR/XDR solutions, and security orchestration tooling.
- Demonstrated ability to lead and coordinate technical response to complex security incidents across enterprise IT and OT environments.
- Strong working knowledge of:
- Cyber-attack frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain) and the current threat landscape, applied to lead investigations, detection engineering, and defensive improvements.
- Systems and networks including Windows, Linux, Active Directory, Entra ID, TCP/IP, firewalls, VPNs, and IDS/IPS.
- Leading investigations across cloud platforms (AWS, Azure, GCP, SaaS platforms).
- Advanced data analysis skills using KQL or equivalent query languages.
- Excellent written and verbal communication skills, demonstrated by the ability to communicate complex technical findings clearly to senior and non-technical audiences.
- Willingness and availability to participate in a 24/7 on-call roster.
- Scripting capability in PowerShell and/or Python to support automation and investigation workflows (desirable)
How to Apply:
If you’re ready to ‘light the way’ towards your next career move, click the ‘Apply’ button to submit a confidential application. For any questions, reach out to Jock Clydesdale, Talent Partner – Technology @ jock.clydesdale@energyaustralia.com.au
Why Us?
EnergyAustralia is a place where all employees are genuinely valued, supported, and free to be themselves — because we believe that’s when we’re at our best.
We embrace diversity of background, experience, and perspective, and we encourage applications from Aboriginal and Torres Strait Islander peoples, people with disability, and those from the LGBTQ+ community.
Here’s what you can look forward to:
- Employee discounts on electricity and gas, plus savings on major brands and products
- 20 weeks’ paid parental leave – completely gender-equal
- Energise Program – flexible working that’s team-centric, enabling teams to agree and succeed together
- Performance recognition and incentive programmes – tailored to different roles and teams to reward great work throughout the year
- Supportive leaders and a down-to-earth culture where you can be your authentic self