Create your best future and join Westpac as an Information Security Senior Consultant.
What's the role?
Westpac's Detection and Response team sits within our Information Security Group and is responsible for monitoring and detecting cyber threats.
We analyse and respond to attacks from adversaries targeting the Westpac Group or its customers.
We are looking for an Information Security Senior Consultant to join the Cyber Detection Automation Tooling team with a focus on SOAR Automation.
The ideal candidate will be responsible to lead the design, implementation, and optimisation of Security Orchestration, Automation, and Response (SOAR) solutions.
This role focuses on automating security workflows, integrating tools, and improving incident response efficiency for enterprise environments.
Key responsibilities include:
SOAR Playbook Architecting & Development: Design, build, and maintain advanced playbooks to automate detection, triage, and response processes.
API Integrations & RESTful Requests: Develop and manage integrations between SOAR platforms and security tools using APIs and RESTful services.
Python Scripting: Create custom scripts and connectors to extend SOAR functionality and enable complex automation workflows.
Splunk ES Expertise: Configure and optimise Splunk Enterprise Security, including writing detections and implementing Risk-Based Alerting (RBA).
Security Tool Administration: Oversee and maintain security technologies integrated into SOAR workflows.
SOC Collaboration: Work closely with SOC teams to identify automation opportunities and improve operational efficiency.
Version Control & CI/CD: Utilise Git and CI/CD pipelines for playbook development, testing, and deployment.
AI/LLM Workflow Development (Big Plus): Explore and implement AI-driven automation and large language model (LLM) workflows for advanced use cases.
Documentation & Training: Produce detailed documentation and deliver training sessions for internal teams on SOAR processes and best practices.
Continuous Improvement: Monitor automation performance and recommend enhancements based on evolving threats and technologies.
What do I need?
Proven experience with Splunk SOAR platform.
Strong Python scripting skills for automation and integration.
Deep understanding of API integrations and RESTful requests.
Hands-on experience with Splunk ES, including detection engineering and RBA.
Background in SOC operations and incident response processes.
Experience administering enterprise security tools.
Familiarity with Git and CI/CD pipelines for automation development.
Excellent problem-solving, communication, and stakeholder engagement skills.
Why join us?
We're obsessed with becoming our customers' #1 banking partner for life and we're looking for people who are passionate about helping us achieve that goal.
In return, we're committed to making Westpac the best place to work in the country.
Here are just a few of the ways we're already doing that:
Special offers on banking products and discounts from top brands, including generous employee-only mortgage rates
Flexible work arrangements to help you achieve a greater work/life balance, and a variety of leave options including Culture, Lifestyle and Wellbeing leave.
Tailored learning and development opportunities to help your grow your career within the bank.
Lots of opportunities to 'give back' to the Community by getting involved in our many volunteering initiatives.
Create your future today
To get started, simply click on the APPLY or APPLY NOW button.
We're all about creating a supportive and inclusive community.
We welcome everyone – no matter your age, gender, background, or abilities.
We also provide additional support to welcome our veterans, Indigenous Australians and neurodiverse community.
If you need any adjustments during the recruitment process, you can find out more information and additional contact details by visiting the People with Disability and/or needing Accessibility Requirements page on our website.
#LI-Hybrid.
#J-*****-Ljbffr