The Opportunity: At Medibank, we are continuously looking at ways to develop, maintain and support security controls across the organisation which is why we are on the lookout for a technical and analytical Security Operations Centre (SOC) Manager who is an inspiring leader, has a curious eye, and is looking to solve complex problems in a challenging environment using state of the art security solutions.
The SOC Manager will be responsible for management for all IT Security Incidents at Medibank and will use some of the newest security tools and technologie contributing to the security posture for the organization.
The Responsibilities: Manage the Security Operations Centre for Incident Response and Remediation by creating Standard Operating Procedures and processes and providing technical leadership and guidance to the team Utilising your extensive knowledge in security technologies, information systems, processes, and procedures, you will play an instrumental role in mentoring and coaching the team Assist Security Delivery team in designing, planning, and implementing security solutions for the organization Setup, own and manage the Enterprise SIEM platform for faster detection and response for Security Incidents Create SOAR playbooks to automate response to common Security and Infrastructure events Be the point of escalation for a 24/7 on-call roster to responds to security and infrastructure events on Medibank systems Configure, manage, and use Security tools like Endpoint Protection Platforms, Vulnerability Scanners, Firewalls, SIEM, SOAR, etc, and provide continuous feedback to implement better protection policies in the existing security toolset Deliver and maintain operating procedures and security controls for compliance against most common security standards and frameworks like PCI-DSS, NIST, etc Proactive learning of the company network, new security/network technologies and developments, and associated vulnerabilities Ideally you have: Experience in running a SOC with detailed Standard Operating Procedures and managing a next-generation SIEM and SOAR toolset for Security Incident Management for a large organisation.
Highly technical and analytical, with proven experience in one or more of the following roles: IT operations, systems administration, software engineering, systems engineering, digital forensics, security engineering or detection engineering.
Strong background in information security or a related field.
Experience in mentoring, coaching, and leading a team to ensure they develop into highly skilled SOC Analysts and Threat Hunters.
Data-driven analytical approach toward solving complex challenges and driving improvements over time.
Understanding and experience with TCP/IP and networking equipment such as switches, firewalls, and router.
Hands-on experience managing AWS environments.
Management and use of automation and orchestrations tools and systems (e.g., Puppet, Chef, Salt, Ansible, Docker, Kubernetes, Jenkins, Terraform).
Hands-on experience managing Windows and Linux environments.
Experience with one or more of Python, Perl, Bash, Go, C/C++ and/or Java.
One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+, etc (Highly Desirable).
