- 6 month contract – January 2024 start
- $120 – $130 per hour (inc-Super)
- MS Defender 365, Azure Security Centre, IntSights, Splunk | SIEM, SOAR, TIP, and DLP
- VIC Geelong or ACT (Greenway) office – Hybrid
Our client, a large independent statutory agency whose focus is to provide services and support to Australians living with disability, seeks the experience of an Assistant Director Cyber Security Operations for a 6 month contract, located in Greenway, South Canberra or Geelong VIC.
Duties of the Assistant Director Cyber Security Operations
- Lead initiatives to develop proactive monitoring, investigation capabilities, and mitigation of security incidents with enterprise and in-house security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk).
- Work with other ICT stakeholders to identify and implement significant programs of cyber security posture improvement, attack surface reduction, and capability uplift across a zero trust environment.
- Review security event data and triage suspicious/malicious activity from networks and systems.
- Lead incident response activities including initial and detailed investigation, computer forensics, and chain of custody implications.
- Be a point of escalation for complex incidents and act as a subject matter expert in areas of cloud security, active defence, and threat mitigation.
- Develop Standard Operating Procedures (SOPs) and implement incident response frameworks and processes from industry best practice (e.g. NIST SP 800-61 Incident Handling Guide, Mitre Frameworks).
- Plan and implement Cyber Operations team operating models, workforce planning, training programs, and analyst career development.
- Lead security testing, technical assurance, and red/purple team exercises and produce and disseminate incident response reports, activity reports, and intelligence and threat briefs.
Skills and Experience Required
- Demonstrated experience with defensive cyber security tools (such as SIEM, SOAR, TIP, and DLP).
- Knowledge of the Information Security Manual (ISM) and cyber security concepts.
- Demonstrated experience implementing and using Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, Mitre Frameworks).
- Formal tertiary qualifications or industry certifications in a cyber security related field (e.g. Azure/AWS, Splunk Certified).
- Formal security testing or red team certifications (e.g. OSCP, CREST, SANS SEC565).
- Experience leading a cyber security operations team in a large enterprise or Australian Government organisation.
How to Apply
Please forward your resume to Ben Cousins at Recruitment Hive by clicking the Apply button, or email your resume citing Job ID: BC 8606. Alternatively you may call Ben on (02) 6299 1006. Applications close 20/11/2023; however, Recruitment Hive welcome late applicants to consider for future opportunities.