Security Technical Operations Lead

Job Description

Introduction As part of a team based on client site in Melbourne CBD, this role is responsible for overseeing delivery of all managed security services for a key client. This is a critical role that requires a special blend of hands-on security technical skills combined with consulting delivery experience and the ability to foster excellent relationships with stakeholder groups. Your role and responsibilities Manage and lead the governance of security operations services to support the client in maintaining a robust security posture. Act as the escalation point for the client related to any matter on managed security services. Establish key security performance indicators that ensure proper service delivery and continuous service improvements. Ensure that the Cyber Security team is on top of the day-to-day security platform management, monitoring, detection, analysis, and response to threat indicators and malicious activities from security systems and intelligence. Ensure security detection, protection, response, and recovery standards, processes, and procedures are up to date, maintained, and followed. Liaise with other teams (internal and external) to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat. Define, measure, and produce aggregated performance metrics and progress reports across all functions of cybersecurity services delivered to the client. Ensure that the Cybersecurity operations team is constantly equipped with the necessary security advice, guidance, and technical expertise resulting in outstanding service delivery. Required technical and professional expertise Previous client delivery experience within a security operations environment. Experience in large-scale IT security operations practices with proven understanding of IT technologies and current threat landscape. Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple complex projects simultaneously. A thorough understanding of customer service-related performance metrics. Experience in crisis management. Understanding of regulatory frameworks such as AESCSF, SOCI Act. Technical experience in Network security, Firewalls, IPS, Proxies, PAM Platforms, Endpoint security (AV/EDR), SIEM, Email security. Due to the nature of the role, you are required to work 5 days onsite and be an Australian Citizen. Core Security Expertise Firewalls & Network Security: Cisco ASA/Firepower, Palo Alto (PAN-OS, Panorama) (preferred). Proxies & Secure Web Gateways: Prisma (preferred), Zscaler. VPN & Remote Access: Global Protect (preferred), Cisco AnyConnect, SSL/IPSec VPNs. Load Balancers: F5 BIG-IP, Citrix ADC. Microsegmentation: Illumio (preferred), VMware NSX, Cisco Tetration. NAC & Zero Trust: Cisco ISE (preferred), Aruba ClearPass, Zero Trust implementations. Threat Detection & EDR: Microsoft Defender for Endpoint (preferred), CrowdStrike, SentinelOne (advantageous). SIEM & Log Management: Splunk, Microsoft Sentinel, IBM Qradar (preferred). Security certifications such as: CISSP: Certified Information Systems Security Professional. CISM: Certified Information Security Manager. GSNA: GIAC Systems and Network Auditor: AUD507: Auditing Networks, Perimeters, and Systems. GSLC: GIAC Security Leadership Certification: MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression. Exposure to Operational Technology (OT) / Industrial Control Systems (ICS) is preferred. Energy/Utilities experience is desirable. #J-18808-Ljbffr