Executive Level 2
$127,501 - $153,049
The Infrastructure and Platforms Branch, within the Technology and Services Division, plays a critical role in the delivery and support of the department’s application and hosting services through the provision and operation of core ICT infrastructure.
The role of the Cyber Operations team, within the Infrastructure and Platforms Branch, is to monitor and detect anomalous network and internet activity across the enterprise. The team is responsible for the analysis and correlation of network traffic and security event information for malicious code and user behaviour. This includes incident response and restoration activities for cyber-attacks, along with investigation and impact analysis after cyber incidents, and undertaking enterprise vulnerability assessments and reporting, including Essential 8 reporting. The team manages the toolset and operation of the Department’s Security Information and Event Management (SIEM) and the centralised logging capability. The team provides security assurance for infrastructure-related changes. The Cyber Operations team consists of two sub-teams: Cyber Intelligence and Internet Gateway.
The team provides 24x7 support for the business-critical IT infrastructure and applications that underpin the department and supported agencies.
The Infrastructure and Platforms Branch is seeking to fill the position of Director Cyber Operations, and we’re keen to explore applications from suitable candidates who are skilled and have extensive experience in the following areas:
Manage and maintain the Internet Gateway Environment (IGE), including web proxies, firewalls, DNS, F5 load balancers (for public-facing websites), sandbox equipment, internet mail services, intrusion prevention and GovLink services
Manage inter-agency network links, e.g. to Services Australia
Onboarding and maintenance of event logs of all types
Management of a centralised logging facility and Security Information and Event Management (SIEM) systems
Cyber incident response, preparation, playbook management
Vulnerability scanning and reporting
Essential 8 compliance reporting
Delivery of Threat Intelligence Platform projects
Gateway asset replacement and improvement projects
This is a high-pressure, high-workload but rewarding role within a technical branch which prides itself on delivering quality outcomes. Working outside normal business hours will occasionally be required when responding to security incidents or undertaking critical maintenance.
If you are genuinely passionate about your career, innovative, have an interest in working with cutting-edge technologies and are willing to go the extra mile, we want to hear from you.