An opportunity exists for a Cyber Defence Lead to create and deliver the cybersecurity operations, engineering and defence strategy for Boral. As a senior role within a team of technical cybersecurity analysts and specialists, this critical role is suited to an experienced cybersecurity expert who will roll up their sleeves to run and support the Security Operations Centre (SOC), ensuring all security controls are effective, relevant and fit for purpose.
Your day will involve: Define and operate all security technology, tools, services, and processes to monitor, detect, remediate, and contain security threats, including security monitoring, vulnerability management, security systems administration, and security incident response. Perform security threat detection and monitoring across Information Technology (IT) assets, Operational Technology (OT) assets, and Information Assets, to ensure the business is protected against current and emerging threats. Demonstrate advanced knowledge of adversarial tactics, techniques, and procedures across all adversarial threat actor groups. Ability to analyse logs, normalise and perform automated log correlations utilising big data analysis or hunt tools to identify anomalous and malicious activity. Plan and deliver cyber tabletop simulation exercises for a technical and executive audience. Manage and mature the vulnerability management program, vulnerability tooling implementation and reporting. Manage and mature security incident response capabilities to ensure effective engagement of internal and external resources to investigate, mitigate and remediate security incidents in an effective and efficient manner. Report on cybersecurity to management, providing weekly, monthly, and quarterly delivery of security reports on operational status, risk, and incident metrics. What are we looking for? Tertiary qualifications in a Computer Science, Software Engineering, Information Technology, or a Cybersecurity specialisation. Professional technical and security management certifications such as a GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Advanced Incident Response, Threat Hunting, and Digital Forensics (GCFA), GIAC Continuous Monitoring Certification (GMON), or GIAC Certified Incident Handler (GCIH) highly regarded. Extensive Information Technology experience including management roles with a broad experience around infrastructure, applications, program delivery, and technical support. Demonstrated success managing a cybersecurity function for a large business, with information technology and operational technology assets. Experience building and/or running a Security Operations Centre (SOC). Solid experience implementing information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL), NIST, Mitre Att&ck, and CIS Critical Security Controls. #J-18808-Ljbffr