ICT Security Operations Lead

Responsible for coordinating the delivery of ICT Security Operations capabilities across multiple platforms.  This includes approximately ten personnel with varying skill sets, a Splunk-based technology stack, specialist Government and commercial providers, and multiple security domains across all security classification levels .

• Report into the customer’s Director ICT Security .  This will include an initial review of reporting requirements and development of artifacts to support that.
• Advocate for Security Operations requirements in the scoping, development and sustainment of systems and ICT services while maintaining a broader perspective on the operational requirements of the customer.
• Identify and opportunities for improved effectiveness and efficiencies of security controls and processes, and work with the Director ICT Security and other relevant stakeholders to evaluate, develop and deliver these.
• Maintain a working relationship with other areas of the ICT Security team, including Governance Risk and Compliance (GRC) and Security Architecture personnel. 
• Assist with monitoring, analysis, incident response and reporting on a regular basis to maintain a working-level understanding of the environment, relevant threats and the team.  This will require hands-on technical experience across Security Operations functions.
• Assist team members with their personal growth and contribution to the team.  The team may include people with a diverse range of backgrounds, means of ingesting and interpreting information, and delivering the outputs of their roles.  Working with the Director ICT Security, this role will help to balance individuals’ approaches and abilities with the greater needs of the team.
• Work with the Director ICT Security to manage priorities and associated resource allocation based on organisational needs.  Typically, this will be reasonably stable however there will be occasions where reprioritisation and reassignment at short notice is required to support organisational priorities.

• Five year’s  experience in technical security operations roles which may include roles such as SOC analyst, technical security engineering, incident response, offensive security or similar roles.
• Two years’ experience in a technical team lead role which may or may not overlap with the five years experience above.

• Experience working with a Splunk-based technical stack, will provide a significant advantage.  Other technologies that may assist are common firewall, networking and cloud-based technologies 
• Experience working and communicating with people in typically non-technical roles such as senior management, project management and related support roles, service delivery, and procurement.
• Experience working with systems ranging over a broad spectrum of security classifications and levels of isolation would be advantageous.

This role does require the successful applicant to be an Australian Citizen and to hold a current TSPV security clearance. Successful candidates will also be required to undergo an organisational suitability assessment 

We’ve been keeping Australia safer, healthier and more efficient for 25 years, here’s just three ways how:

• We work with the Australian Department of Defence to design and operate the cyber security tools used across the Army, Navy and Air force.
• We deliver software development and operational support through to the integration of underwater autonomous vehicles and survey ships to meet mission objectives.
• We’re building the next generation secret end user environment for the Australian Department of Defence across a number of strategic locations around Australia. 

At Leidos, we embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities and age groups.