Senior Engineer, Incident and Threat Responder

Job Description :

Senior Engineer Incident & Threat Responder

Location: Australia

About the Role

As a global media and information services company News Corp is committed to protecting its people platforms and content through world-class cybersecurity practices.

We are seeking a Senior Engineer Incident & Threat Responder to join our Cyber Defense team. This role will be instrumental in identifying investigating and responding to advanced cyber threats across a complex global environment. You will operate at the forefront of incident response leveraging threat intelligence forensic analysis and automation to defend critical systems and data.

This is a hands-on technical role for someone who thrives in high-pressure environments enjoys solving complex security challenges and wants to make a tangible impact on enterprise security.

Key Responsibilities

• Lead and coordinate end-to-end incident response activities including detection containment eradication and recovery
• Conduct deep-dive investigations into security events including malware analysis phishing insider threats and advanced persistent threats (APTs)
• Perform digital forensics across endpoints networks and cloud environments
• Develop and enhance incident response playbooks runbooks and standard operating procedures
• Partner with Threat Intelligence teams to proactively identify emerging threats and adversary tactics
• Leverage and tune security tools (SIEM EDR SOAR) to improve detection and response capabilities
• Automate repetitive response tasks using scripting (Python PowerShell etc.)
• Act as an escalation point and mentor for junior analysts and engineers
• Collaborate cross-functionally with IT Legal Privacy and business stakeholders during incidents
• Support post-incident reviews and drive continuous improvement initiatives

Required Qualifications

• 712 years of experience in Incident Response Threat Hunting or Security Operations
• Strong knowledge of attacker tactics techniques and procedures (TTPs) aligned to frameworks like MITRE ATT&CK
• Hands-on experience with:
  • SIEM platforms (e.g. Splunk Sentinel)
  • Endpoint Detection & Response (EDR) tools (e.g. CrowdStrike Carbon Black)
  • Network analysis tools and log investigation
• Experience conducting forensic investigations on Windows Linux and cloud environments (AWS Azure GCP)
• Proficiency in one or more scripting languages (Python PowerShell Bash)
• Strong understanding of networking protocols operating systems and security architecture
• Ability to manage multiple incidents and priorities in a fast-paced environment

Preferred Qualifications

• Experience in media publishing or large enterprise environments
• Familiarity with cloud-native security tools and container security
• Knowledge of threat intelligence platforms and frameworks
• Industry certifications such as:
  • GIAC Certified Incident Handler (GCIH)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Forensic Analyst (GCFA)

Key Competencies

• Analytical mindset with strong problem-solving skills
• Ability to remain calm and decisive during high-severity incidents
• Strong communication skills including the ability to translate technical findings to non-technical stakeholders
• Collaborative and team-oriented approach
• Continuous learner with a passion for cybersecurity innovation

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race color religion sex age national origin protected veteran status disability status or any other protected characteristic.

Reasonable Accommodation

We are committed to providing reasonable accommodation for qualified individuals with disabilities in our job application and/or interview process. If you need assistance or accommodation in completing your application or participating in an interview due to a disability email us at . Please put Reasonable Accommodation in the subject line and provide a brief description of the type of assistance you need. This inbox will not be monitored for application status updates.

Please refer to the privacy notice at the bottom of this page for submitting any data access deletion or other data subject rights requests where permitted under your local laws and regulations.