Head of Cyber Security Operations

Location: Macquarie Park
Job Type: Permanent
Posted: 23 days ago
Contact: Pravin Manandhar
Reference: 262457

About the Company:

Our client is a large Australian organisation that is a leader in their field. The work culture is collaborative and supportive. They look after their people and provide some of the best benefits, workspaces, and facilities in the industry.

About the Role:

The Head of Security Operations has strategic and operational responsibility for all SOC detection and incident response processes. This includes driving continuous improvement within the Security Operations Centre in collaboration with our Managed Security Service Provider (MSSP): monitoring the MSSP's performance, ensuring adherence to SLAs, and leveraging red team exercises to enhance the SOC's detection and response capabilities. The other dimension of the role is to manage the security engineering team (3rd level analyst, DevSecOps and Security Engineers for IT/OT).


  • Azure Cloud Security
    • Total accountability for the entire Microsoft Azure security stack, such as Defender for Cloud XDR, Sentinel, APIM, Azure Key Vault, Vulnerability Management.
    • Work with the internal security architect to drive standard patterns in Azure and overall compliance.
    • Drive continuous security improvement and compliance in our cloud stacks (SaaS, PaaS, IaaS, on-prem private).
  • Incident Management and Coordination:
    • Oversee incident response and investigation efforts, coordinating between internal teams and external service providers.
    • Develop and maintain comprehensive incident response protocols and playbooks that include the MSSP, internal IT teams, business units and other vendors.
    • Facilitate effective communication and action during security incidents.
  • MSSP Performance Monitoring and SLA Management:
    • Regularly monitor and evaluate the MSSP's performance against defined SLAs and key performance indicators.
    • Identify areas where the MSSP is not meeting agreed standards and work collaboratively to address these issues.
    • Ensure that the MSSP delivers services that are aligned with security needs and expectations.
  • Security Operations Compliance and Reporting:
    • Collaborate with service providers to ensure compliance with security standards and regulations.
    • Compile and analyse reports from various sources to provide a holistic view of security operations.
    • Regularly assess the effectiveness of the SOC and its alignment with overall security goals.
  • Continuous Improvement and Collaboration:
    • Lead initiatives for continuous improvement in SOC operations with the MSSP.
    • Ensure security compliance with NIST CSF / ASD8 and SOCI controls.
    • Lead internal and external teams to drive efficiency and automate where possible.
  • Red Team Coordination and SOC Enhancement:
    • Coordinate with the red team to conduct security testing exercises.
    • Analyse outcomes from red team activities to improve the SOC's detection and response capabilities.
    • Integrate insights from testing into SOC practices to enhance overall security posture.
  • Building a new high performing team:
    • Work with the CISO to develop a new operating model to support ongoing maturity.
    • Foster a high performing team and align them to the overall strategy.
    • Work with the CSPR project and internal team to drive security outcomes and improvements.

Skills and Experience:

  • Building and delivering Cyber strategies aligned to NIST CSF framework.
  • Experience in SOC management, especially in an environment with outsourced services.
  • Relevant security certifications such as CISSP, CISM, OSCP or similar.
  • Knowledge of red team operations and their implications for SOC effectiveness.
  • Experience building Azure security practices (DevOps, DevSecOps).
  • Experience in incident response coordination.
  • Vendor management and SLA oversight experience.
  • Experience in Logistics/supply chain industries or Critical Infrastructure will be highly regarded.

For more information or a confidential discussion, please contact Eugene Pradhan or Pravin on pravin.manandhar@peoplebank.com.au quoting reference 262457.

To apply please click the 'Apply Now' button.

Diversity and inclusion are strongly supported at Peoplebank. People of all nationalities, gender identities, and cultural backgrounds, including Aboriginal and Torres Strait Islander Peoples, are encouraged to apply.