Overview
Cyber Security Operations Manager — LEAP Legal Software, Sydney, NSW, AU
LEAP is expanding its security program to support growth into enterprise, government, and highly regulated markets. You will lead LEAP's global security operations capability, ensuring cyber security controls, monitoring, and incident response processes are effective, scalable, and embedded across the organisation. You will own the operational delivery of LEAP's security program across multiple products, entities, and regions, with a focus on automation, reducing manual processes, and ensuring controls are consistently implemented and monitored. You will work with Engineering, Development, IT, Product, and Legal to support compliance frameworks such as SOC 2 and ISO, and ensure audit evidence can be produced efficiently and reliably.
Responsibilities
Application Security
* Embed secure development practices across products, including threat modelling, automated security testing, and penetration testing.
* Partner with engineering teams to identify and remediate vulnerabilities and strengthen the secure SDLC.
Cloud and SaaS Security
* Improve security across AWS, Azure, and SaaS environments, including access reviews, vendor risk assessments, and secure configuration.
* Collaborate with DevOps to integrate security into CI/CD pipelines and infrastructure as code.
* Lead security incident response and maintain clear playbooks and response processes.
* Build security awareness and training across the organisation.
Governance and Compliance
* Support security frameworks including SOC 2 and ISO standards, ensuring controls are implemented and evidence is available for audits.
* Drive automation of evidence collection, risk assessments, and compliance processes.
Security at Scale
* Partner with engineering, IT, and product teams to embed security without slowing delivery.
* Identify opportunities to automate security operations and build a scalable security program as LEAP grows.
Qualifications
* 5–8 years' experience in cybersecurity, application security, or related engineering roles.
* Strong knowledge of web app & cloud security, OWASP Top 10, and SANS CWE Top 25.
* Experience across firewalls, IDS/IPS, SIEM, DLP, PAM, and endpoint security.
* Certifications such as OSWE, OSCP, CSSLP, CISSP, or CCSP are highly desirable.
* Proven experience in Information Security roles within SaaS, cloud, or technology environments.
* Hands-on experience owning application security programs and supporting enterprise customer security due diligence.
* Strong understanding of cloud infrastructure, SaaS architectures, and modern software delivery practices.
* Experience supporting audits, managing evidence, and engaging directly with customers, auditors, and internal stakeholders.
* Prior people leadership experience, or readiness to build and lead a small cyber security team.
You are the type of person who
* Takes ownership of security issues and drives them through to resolution.
* Builds strong, pragmatic relationships across engineering, IT, product, legal, and sales.
* Communicates risk and trade-offs clearly to senior stakeholders.
* Balances security, compliance, and commercial priorities in decision making.
* Adapts quickly in a fast-moving, evolving environment.
* Translates technical security concepts into clear, business-focused guidance.