Director, Cyber Operations

Australian Government - Department of Education, S...
Annual Salary
$127,501 - $153,049 a year

Job Description

Executive Level 2

Canberra, ACT

$127,501 - $153,049

The Infrastructure and Platforms Branch, within the Technology and Services Division, plays a critical role in the delivery and support of the department’s application and hosting services through the provision and operation of core ICT infrastructure.

The role of the Cyber Operations team, within the Infrastructure and Platforms Branch, is to monitor and detect anomalous network and internet activity across the enterprise. The team is responsible for the analysis and correlation of network traffic and security event information for malicious code and user behaviour. This includes incident response and restoration activities for cyber-attacks, investigation and impact analysis after cyber incidents, and enterprise vulnerability assessments and reporting, including Essential 8 reporting. The team manages the toolset and operation of the Department’s Security Information and Event Management (SIEM) and the centralised logging capability. The team provides security assurance for infrastructure-related changes. The Cyber Operations team consists of two sub-teams – Cyber Intelligence and Internet Gateway.

The team provides 24x7 support for the business-critical IT infrastructure and applications that underpin the department and supported agencies.

The Position

The Infrastructure and Platforms Branch is seeking to fill the position of Director, Cyber Operations, and we’re keen to explore applications from suitable candidates who are skilled and have extensive experience in the following areas:

Manage and maintain the Internet Gateway Environment (IGE), including web proxies, firewalls, DNS, F5 load balancers (for public-facing websites), sandbox equipment, internet mail services, intrusion prevention and GovLink services

Manage inter-agency network links, e.g. to Services Australia

Onboarding and maintenance of event logs of all types

Management of a centralised logging facility and Security Information and Event Management (SIEM) systems

Cyber incident response, preparation, playbook management

Vulnerability scanning and reporting

Essential 8 compliance reporting

Delivery of Threat Intelligence Platform projects

Gateway asset replacement and improvement projects

This is a high-pressure, high-workload but rewarding role within a technical branch that prides itself on delivering quality outcomes. There are occasions where working outside of normal business hours will be required when responding to security incidents or undertaking critical maintenance.

If you are genuinely passionate about your career, innovative, have an interest in working with cutting-edge technologies and are willing to go the extra mile, we want to hear from you.