Title: Cyber Security Incident Response Lead
Location: Sydney
Type: Full-Time | Hybrid (Work-from-Home and Onsite)
We are seeking an accomplished Cyber Security Incident Response Lead to lead a high-performing Cyber Security Incident Response Team (CSIRT) within a respected higher education institution. This role is critical in enhancing our organisation's security posture and response capabilities.
Extensive experience working within a Security Operations Centre (SOC) environment is essential, as is a strong background in incident response and leadership. While experience in the higher education sector is beneficial, it is not a requirement.
Key Responsibilities
* Lead, mentor, and develop a team of cyber security professionals, ensuring effective incident detection, response, and resolution.
* Manage and coordinate security incidents across the organisation, acting as the escalation point for complex and high-impact events.
* Design, implement, and maintain incident response playbooks and processes aligned with industry best practices.
* Deliver regular security reporting and post-incident analysis to identify trends, improve processes, and inform strategic decisions.
* Perform proactive threat hunting and support intelligence-led defensive measures.
* Collaborate with MSSPs, technology vendors, and service providers to ensure high-quality service delivery and contract compliance.
* Lead crisis management initiatives, working closely with business continuity and disaster recovery teams.
* Oversee the SOC's operations, driving continuous improvement in detection and response capabilities.
* Participate in an on-call roster to support urgent or critical incident response activities.
About You
* Minimum 10 years' experience in cyber security, including at least 3 years in a managerial or leadership role.
* Proven experience working within a SOC environment is essential.
* Deep understanding of incident response, threat intelligence, digital forensics, and cyber security frameworks (e.g., NIST, ISO 27001).
* Hands-on knowledge of key technologies including SIEM, EDR/EPP, WAF, SEG, NGFW, IAM, and others.
* Strong track record of managing MSSPs and coordinating with external partners.
* Excellent analytical, communication, and stakeholder engagement skills.
* Relevant certifications such as CISSP, CISM, GCIH, or GCFA are highly desirable.
Why Join Us?
* Play a pivotal leadership role in one of Australia's most prominent higher education institutions.
* Lead a team operating at the forefront of cyber security strategy and operations.
* Benefit from flexible hybrid work arrangements and a supportive, forward-thinking environment.
* Enjoy competitive salary packaging and ongoing professional development opportunities.
If you are an experienced SOC leader ready to make a difference in a meaningful and dynamic environment, we'd love to hear from you.
Apply today and help shape the future of cyber resilience in higher education.