Cyber Security Lead (Operations)

Full-time | Hybrid | Sydney About the OrganisationThis organisation is purpose-driven and community-focused, with a strong commitment to diversity, inclusion and sustainability. Our people are passionate about supporting the communities they serve and take pride in working collaboratively to deliver secure, reliable and future-focused services.Caring for people, the environment and the work we do underpins everything we deliver. We foster a culture built on integrity, respect and continuous improvement, where everyone is supported to contribute and thrive.
Primary Purpose of the RoleThe Cyber Security Lead - Operations plays a critical role in delivering effective cyber security operations across the organisation. The role is responsible for implementing, operating and continuously improving cyber security controls to protect information, systems and services.This position leads operational cyber security activities including incident response, vulnerability management, penetration testing and managed security service oversight. Working closely with internal teams, service providers and stakeholders, the role ensures cyber security risks related to information security, network security, privacy and operational resilience are proactively identified, managed and mitigated.The Cyber Security Lead - Operations operates in a complex and evolving threat environment and contributes to maintaining a strong security posture aligned with organisational objectives and regulatory requirements.
Key Accountabilities

• Provide tactical cyber security advice on existing products, services, business processes, infrastructure and technology solutions to support secure operations and informed decision-making.
• Lead and contribute to vulnerability management activities, ensuring vulnerabilities are identified, assessed, prioritised and remediated through appropriate patching and upgrades based on risk.
• Coordinate and manage network and web application penetration testing, security audits and social engineering assessments, including tracking and oversight of remediation activities.
• Lead cyber security incident response and investigations, ensuring incidents are managed promptly, appropriately prioritised based on risk, and fully resolved with lessons learned documented.
• Maintain security procedures, registers, records and operational documentation, ensuring accuracy and alignment with governance requirements.
• Monitor, report and communicate cyber security operational metrics and KPIs to support ongoing assurance and informed decision-making.

Essential Knowledge, Skills & Experience

• Tertiary qualification in Information Security, Cyber Security, Information Technology, or equivalent relevant experience.
• Strong working knowledge of cyber security frameworks and standards, including ASD Essential Eight, ISO 27001, ISO 27002, ISO 27005, NIST and ISM.
• Demonstrated experience with common cyber security technologies such as SIEM, EDR/XDR and vulnerability management solutions.
• Experience securing email and web platforms, Microsoft 365 security, and Microsoft XDR.
• Proven experience leading cyber security incident response and investigations, including coordination across teams and service providers.
• Experience planning, coordinating and managing penetration testing, vulnerability assessments and security audits across applications, systems and infrastructure.
• Industry certifications such as CISSP, CISA or CISM are highly desirable. If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.
#2974534