- **Contract Type**: Contract
- **Reference**: BH-370390
- **Industry**: IT
- **Salary**: Negotiable
- **Location**: Melbourne or Canberra.
- **Duration**: 6-month contract.
- **Eligibility**: Australian citizenship with ability to obtain Baseline Security Clearance.
- WFH 2 days per week.
**About the opportunity**:
The _EL1 Assistant Director of Cyber Operations_ will undertake technical cyber security activities, developing people, processes, and tools for the protection of the Agency's systems, users, and data.
You will lead the Cyber Operations team, ensuring the agency has the capability to build and protect cyber-resilient information technology platforms and support strategic objectives.
**Responsibilities**:
- Lead initiatives to develop proactive monitoring, investigation capabilities, and mitigation of security incidents with enterprise and in-house security tools (including Microsoft Defender 365 stack, Azure Security Centre, IntSights, Splunk).
- Identify and implement significant programs of cyber security posture improvement, attack surface reduction, and capability uplift across a zero-trust environment.
- Review security event data and triage suspicious/malicious activity from networks and systems.
- Lead incident response activities including initial and detailed investigation, computer forensics, and chain of custody implications.
- Develop Standard Operating Procedures (SOPs) and implement incident response frameworks and processes from industry best practice (e.g. NIST SP 800-61 Incident Handling Guide, MITRE Frameworks).
- Plan and implement Cyber Operations team operating models, workforce planning, training programs, and analyst career development.
- Lead security testing, technical assurance, and red/purple team exercises and produce and disseminate incident response reports, activity reports, and intelligence and threat briefs.
**Skills and experience required**:
1. Experience with defensive cyber security tools (such as SIEM, SOAR, TIP, and DLP).
2. Knowledge of the Information Security Manual (ISM) and cyber security concepts.
3. Experience implementing and using Incident Response Frameworks (NIST SP 800-61 Incident Handling Guide, MITRE Frameworks).
4. Formal tertiary qualifications or industry certifications in a cyber security related field (e.g. Azure/AWS, Splunk Certified).
5. Formal security testing or red team certifications (e.g. OSCP, CREST, SANS SEC565).

Please note this role will require working in a Security Operations Centre in Canberra or Geelong with the potential for a requirement to work a rotating roster between 0700 and 1900 AEST.

For more information or for a confidential discussion, please contact Ebony Henderson on 02 6113 7534, quoting reference number 370390. Alternatively, please APPLY NOW for consideration of this role.