Job Title: EL1 Assistant Director Cyber Security Operations
Location: Canberra / Hybrid work arrangement
Duration: 6 months with possible extension
The Assistant Director of Cyber Operations will undertake technical cyber security activities under the leadership of the Director of Cyber Security Operations. The Assistant Director of Cyber Operations must possess and demonstrate leadership and technical competency in the areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response.
* Lead initiatives to develop proactive monitoring, investigation capabilities, and mitigation of security incidents with enterprise and in-house security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
* Work with other ICT stakeholders to identify and implement significant programs of cyber security posture improvement, attack surface reduction, and capability uplift across a zero trust environment
* Review security event data and triage suspicious/malicious activity from networks and systems
* Lead incident response activities including initial and detailed investigation, computer forensics, and chain of custody implications
* Be a point of escalation for complex incidents and act as a subject matter expert in areas of cloud security, active defence, and threat mitigation
* Develop Standard Operating Procedures (SOPs) and implement incident response frameworks and processes from industry best practice (e.g. NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
* Plan and implement Cyber Operations team operating models, workforce planning, training programs, and analyst career development
* Lead security testing, technical assurance, and red/purple team exercises and produce and disseminate incident response reports, activity reports, and intelligence and threat briefs
* Demonstrated experience with defensive cyber security tools (such as SIEM, SOAR, TIP, and DLP)
* Knowledge of the Information Security Manual (ISM) and cyber security concepts.
* Demonstrated experience implementing and using Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
* Formal tertiary qualifications or industry certifications in a cyber security related field (e.g. Azure/AWS, Splunk Certified)
* Formal security testing or red team certifications (e.g. OSCP, CREST, SANS SEC565)
* Lead a cyber security operations team in a large enterprise or Australian Government organisation
Due to security clearance requirements for this role, candidates must be Australian citizens and be able to obtain a security clearance.
If this role aligns with your skills and aspirations, apply now for immediate consideration. Contact Archna Singh at 02 6245 1708, quoting Job Reference: #259013
The application deadline for this position is 17th Nov 2023.
Please note that only candidates meeting the specified criteria will be contacted. Your interest in the position is greatly appreciated.
Diversity and inclusion are strongly supported at Peoplebank. People of all nationalities, gender identities, and cultural backgrounds, including Aboriginal and Torres Strait Islander Peoples, are encouraged to apply.