This is a Principle Incident Response Manager role with Woolworths Group based in Baulkham Hills, NSW, AU Woolworths Group Role Seniority - senior More about the Principle Incident Response Manager role at Woolworths Group Be the technical expert for all critical breaches, leading deep-dive forensic investigations to determine root cause and impact. Shape the future of the Cyber Security Operations Centre by evolving incident response practices We are Woolworths Group We are Woolworths Group. 200,000 bright minds, passionate hearts and unique perspectives connected by a shared Purpose – ‘to create better experiences together for a better tomorrow.’ It’s that Purpose that fuels our ambition to explore new ideas, make brave commitments and innovate better ways to meet the food and everyday needs of more than 24 million customers every week. If you’re excited to turn today’s blue sky thinking into a better tomorrow for future generations, you’ll find yourself supported and enriched in a dynamic, inclusive and empowering workplace that reflects the diverse communities we serve. With a culture of genuine care, a flexible approach to work and opportunities across the group to grow your career and make a meaningful impact, the possibilities for what we can achieve together are endless. What you'll do This is the Cyber Security Operations Centre (CSOC's) lead technical authority for Incident Response and Digital Forensics, acting as the final expert during critical breaches. You will lead deep-dive forensic investigations to determine root cause and impact. This role is also focused on maturing the team: you will mentor analysts, evolve IR practices, and set the standard for technical excellence to advance the team's operational maturity. Responsibilities include: Take a high level role in larger Incident Responses, including representing the CSOC to executive management Lead deep-dive forensic analysis (memory, disk, network) across all environments. Lead technical response for all high-severity incidents, guiding the team and evidence collection. Elevate CSIRT analyst skills in advanced forensics and IR. Role model what good looks like as a person of influence within the team. Drive the continuous evolution and adoption of IR playbooks. Lead technical debriefs to drive actionable improvements to detection and response. Advocate for new tools, automation, and techniques to reduce response times. Partner with CTI, Detection, and Operations to share intel and improve defenses. What you'll bring To be successful, you will excel at communicating the critical nature of events. You will provide clear, essential business context to stakeholders at all levels, conveying an appropriate sense of urgency to drive a rapid and effective response. You will also have Broad knowledge and confidence of a number of Security applications and tools. Sound Judgment, able to assess conflicting or ambiguous information to determine the correct course of action. Proven critical decision-making skills, you take a calm and methodical approach, making time-sensitive decisions during high-stakes incidents. A solid understanding of both the internal and external enviroments A working knowledge of the kill chain methodology Expert knowledge of information security principles, from core architectures to modern attack vectors. Deep, practical knowledge of networking and protocols The ability to work in both a team environment and independently What you’ll experience A global business with endless career possibilities around every corner and across every discipline – with valuable exposure to a vast and exciting business network. Access to Sonder. Sonder provides free confidential 24/7 personalised financial, medical safety, psychological or physical support for team members and their families. A progressive and competitive leave policy that gives you more space for what matters to you. Team discounts across our range of Woolworths Group brands you know and love and a robust rewards program that celebrates and incentivises purpose-driven work. Opportunity to Salary Sacrifice, enabling team members to purchase selected eligible items or services from pre-tax salary. Can be used for novated leases, superannuation contributions, Qantas Club membership, computing devices etc. Everyone belongs at Woolworths Group Diversity, equity, inclusion, and belonging are key to realising our purpose of better together for a better tomorrow. We recognise the value our team’s diversity brings to our business, customers, and communities and that teams with diverse experiences and backgrounds enrich our group and are better able to innovate and solve problems. As one of the largest employers in Australia and New Zealand, we aim to create a truly inclusive workplace where everyone feels that they belong, can be their best selves, and reach their full potential. We encourage all candidates to apply. Please let us know in your application if we can assist you with any adjustments in the hiring process. Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Woolworths Group team will be there to support your growth. Please consider applying even if you don't meet 100% of what’s outlined Key Responsibilities Leading forensic investigations Evolving incident response practices Mentoring analysts Key Strengths ️ Incident response Digital forensics Communication ️ Security applications knowledge ⚖️ Decision-making Networking knowledge A Final Note: This is a role with Woolworths Group not with Hatch.
