The Security Operations Manager is a pivotal role responsible for maturing the defensive capabilities of Fivecast. Reporting to the InfoSec Manager, you will lead the operational and engineering stream, driving the shift toward proactive preventative controls and automation.
This position combines hands‐on technical execution with leadership. You will provide direct mentorship to junior and mid‐level staff, supporting their professional development and project delivery, with some managerial responsibilities. As a practitioner who is still "on the tools," your focus is on reducing toil through automation, tuning detection logic, and ensuring the security stack provides high‐fidelity signals.
Responsibilities
* Lead the daily technical execution of the SecOps and SecEng streams. Mentor junior staff and review their technical output to ensure the team delivers on high‐value strategic goals
* Establish, uplift, and maintain the library of Standard Operating Procedures (SOPs) and Playbooks. Ensure the team has a repeatable, documented standard for every core task to eliminate tribal knowledge
* Own the Security Service Desk (Jira) and associated workflows. Engineer the intake forms and automations to reduce friction and ensure the security team is an enabler for the business
* Take ownership of the detection logic within our SIEM and EDR platforms. Tune signals to the specific threat landscape of an OSINT SaaS provider to reduce noise and increase fidelity
* Act as a primary technical escalation point for security incidents. Lead deep‐dive investigations and forensics during business hours and coordinate best‐effort responses to critical events
* Move beyond simple patching to a risk‐based approach. Prioritise remediation across Linux, macOS, and AWS environments based on asset criticality and real‐world exploitability
* Optimise the configuration and health of our security stack. Ensure we are utilising the full feature sets of our SASE, Application Control, and Enterprise Log Management platforms
Requirements
Defence Clearance
* Must be an Australian Citizen
* Must be eligible to obtain an Australian Government Security Clearance (NV1/NV2). Current clearance is highly desirable
Technical Experience
* 5+ years of experience in technical security roles (e.g., Security Engineering, SOC Lead, Incident Response)
* Demonstrated experience with modern XDR platforms (CrowdStrike preferred) and SIEM engineering
* Strong proficiency in Linux (Debian/Ubuntu) and macOS environments
* Practical experience with AWS security services and architecture
* Experience with scripting and automation (Python, Bash) is essential
Qualifications
* CompTIA Security+ and advanced technical certifications such as BTL2, GCIH, OSCP, or vendor‐specific engineering certifications (e.g., AWS, GCP, CrowdStrike)
* Tertiary qualifications in Computer Science, IT, or Cyber Security are desirable
Skills and Attributes
* Demonstrated ability to mentor others and foster a culture of technical excellence and continuous learning
* Strong written and verbal skills, capable of articulating technical security concepts to diverse technical, business, and executive audiences. Able to provide positive and constructive feedback to peers
* Highly motivated and able to navigate ambiguity: asking the right questions, identifying existing patterns, and solving operational problems independently, leveraging automation and enabling the rest of the team
* High level of attention to detail and consistency, particularly regarding documentation and change management
* Ability to design and implement pragmatic, "right‐sized" solutions appropriate to risk, focusing on business enablement without compromising security posture
* A "builder" mindset with a preference for engineering permanent solutions to fix root causes
* Comfortable working in a fast‐paced, high‐growth environment