19 Jul
Infinite Talent Group
Canberra
**Location of work: ACT, VIC**
**Length of contract: 6 Months**
**Security clearance: Australian Citizen**
**Working arrangements**:
Subject to negotiations with line manager, hybrid working arrangements in line with current client policy are available (minimum of 3 days each week in the office, with flexible arrangements in place for the remaining 2 days). Please note this role will require working in a Security Operations Centre in Canberra or Geelong with the potential for a requirement to work a rotating roster between 0700 and 1900 AEST.
The Assistant Director of Cyber Operations will undertake technical cyber security activities under the leadership of the Director of Cyber Security Operations.
The Assistant Director of Cyber Operations must possess and demonstrate leadership and technical competency in areas of cloud security (Azure/AWS), endpoint and network security, threat intelligence and hunting, data loss prevention, vulnerability management, and incident response.
The Assistant Director will be required to develop people, processes, and tools for the protection of the Agency's systems, users, and data, to support the client's objectives.
Leading the Cyber Operations team, the role will help ensure that it has the capability to build and protect cyber-resilient information technology platforms and support strategic objectives.
The role will involve the following key responsibilities:
- Lead initiatives to develop proactive monitoring, investigation capabilities, and mitigation of security incidents with enterprise and in-house security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk)
- Work with other ICT stakeholders to identify and implement significant programs of cyber security posture improvement, attack surface reduction, and capability uplift across a zero-trust environment
- Review security event data and triage suspicious/malicious activity from networks and systems
- Lead incident response activities including initial and detailed investigation, computer forensics, and chain of custody implications
- Develop Standard Operating Procedures (SOPs) and implement incident response frameworks and processes from industry best practice (e.g., NIST SP 800-61 Incident Handling Guide, MITRE Frameworks)
- Plan and implement Cyber Operations team operating models, workforce planning, training programs, and analyst career development
- Lead security testing, technical assurance, and red/purple team exercises and produce and disseminate incident response reports, activity reports, and intelligence and threat briefs.
**Essential criteria**:
- Demonstrated experience with defensive cyber security tools (such as SIEM, SOAR, TIP, and DLP).
- Knowledge of the Information Security Manual (ISM) and cyber security concepts.
- Demonstrated experience implementing and using Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks).
- Formal tertiary qualifications or industry certifications in a cyber security related field (e.g., Azure/AWS, Splunk Certified).
- Experience leading a cyber security operations team in a large enterprise or Australian Government organisation.