Organisation: Department of Transport and Planning
Occupation: IT and Telecommunications
Reference: 6506
About Us The Department of Transport & Planning brings together all transport modes to design, plan, build and operate Victoria's transport system.
Our job is to further integrate the transport network and improve the delivery of services to Victorians for simpler, quicker and safer journeys that connect people and places and support Victoria's prosperity and liveability.
We're focused on outcomes that deliver more choice, connections and confidence in our travel, ensuring the whole transport network works as one to deliver better services and outcomes.
The department is committed to building a culture where we say 'yes' to flexible work arrangements, provide personal and professional development programs and support ways of working that help employees balance work and life.
The department is an equal opportunity employer and welcomes applicants from a diverse range of backgrounds, including veterans, people who identify as Aboriginal and Torres Strait Islander, have a disability, are from varied cultural backgrounds and those who identify as LGBTIQ+.
The department provides workplace adjustments for applicants with disabilities.
About the Role The Security Operations Centre Manager is responsible for leading the Hybrid Security Operations Centre (SOC) for the Department of Transport and Planning (DTP), with a primary focus on cyber incident management utilising DTP's Security Information and Event Management (SIEM) tool – Microsoft Sentinel.
In this role, you'll be at the forefront of managing and mitigating ongoing information security incidents and liaising with the Managed Security Service Provider (MSSP), whilst providing security leadership across the SOC.
This role will report to the Cybersecurity Operations Manager and will lead a team of internal DTP Security Analysts.
This is a fixed term position for 18 months.
Your outcomes and accountabilities Successfully coordinate security testing and incident response testing activities.Experience in leading development of SOC processes, policies, and standard operating procedures (SOPs).Manage incident investigations, threat hunting and service improvement activities across the department.Maintain strong connections with third-party IT suppliers to ensure effective oversight of incident response and remediation actions.Contribute to strategic decisions that improve team effectiveness through enhancements to Security Information and Event Monitoring (SIEM) and Security Operations Centre (SOC) functions, including the implementation of Threat Hunting initiatives.Proactively monitor, manage, and audit information systems to ensure continuous service improvement, compliance and risk reduction.Proactively manage the availability of resources and technologies used to deliver the Security Operations Centre services (including SIEM and SOAR platforms, underpinning third-party services, threat intelligence feeds and integrations with ITSM platforms).Work with stakeholders and suppliers to establish security baselines, and ensure ongoing compliance.Drive, measure and report continuous improvement initiatives and metrics and value-add activities to evolve process maturity.Expand the scope of security operations support to agencies across the Victorian Government Transport Portfolio while primarily focusing on internal DTP divisions and business units.Coach and mentor a growing team of SOC analysts and provide input into their career development plans.Qualifications and Experience Mandatory Extensive cybersecurity experience in security operations, ideally with a focus on service improvement.Hold an active CISSP Associate certification or equivalent certification or experience.Experience leading people as well as problem and incident resolution activities.Experience with report writing, service delivery, and client-facing activities.Proficient understanding of ITIL Incident Management, SecOps, and ACSC Incident Management guidance.Practical experience across the full spectrum of SOC core functions, including incident response, threat intelligence, threat hunting and reporting.Familiarity with Microsoft Sentinel SIEM and Incident Management tools.Sound knowledge of security standards and frameworks, including VPDSS, ISM, Essential 8, NIST CSF, NIST 800-61r2, Cyber Kill Chain, and MITRE ATT&CK.Availability for ad-hoc after-hours escalations.Degree or diploma in a relevant field.Security certifications such as CISSP, CISM, GIAC Security Operations Certified (GSOC) or equivalent.Understanding of or experience with OT security controls.What we offer Meaningful work making Victorian communities more accessible and liveable.Professional growth and development opportunities across the department and the wider Victorian Public Services.Opportunity to work across multiple urban and suburban hubs.We prioritise the development of a safe and inclusive culture.How to Apply Applications should include a resume and a covering letter.
Applications close 11.59pm on Sunday 19th February 2025.
For further information about the role please contact Yash Kaushik - ******.
Preferred applicants may be required to complete a police check and may be subject to other pre-employment checks.
Information provided to the Department of Transport and Planning will be treated in the strictest confidence.
Please let us know via phone or email if you require any adjustments to ensure your full participation in the recruitment process or if you need the ad or any attachments in an accessible format (e.g., large print) due to any viewing difficulties or other accessibility requirements.
Job type:Full Time - Fixed Term
Job classification:VPSG6
Contact:
#J-18808-Ljbffr