As part of a team based on the client site in Melbourne CBD, this role is responsible for overseeing delivery of all managed security services for a key client. This is a critical role that requires a special blend of hands-on security technical skills and consulting delivery experience, with the ability to foster excellent relationships with stakeholder groups.
- Manage and lead the governance of security operations services to support the client in maintaining a robust security posture
- Act as the escalation point for the client on any matter related to managed security services
- Establish key security performance indicators that ensure proper service delivery and continuous service improvements
- Ensure that the Cyber Security team is on top of day-to-day security platform management, monitoring, detection, analysis, and response to threat indicators and malicious activities from security systems and intelligence
- Ensure security detection, protection, response, and recovery standards, processes and procedures are up to date, maintained and followed
- Liaise with other teams (internal and external) to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat
- Define, measure and produce aggregated performance metrics and progress reports across all functions of cybersecurity services delivered to the client
- Ensure that the Cybersecurity operations team is constantly equipped with the necessary security advice, guidance, and technical expertise resulting in outstanding service delivery
- Previous client delivery experience within security operations environment
- Experience in large scale IT security operations practices with proven understanding of IT technologies and current threat landscape
- Excellent analytical and problem-solving skills, with the ability to prioritise and manage multiple complex projects simultaneously
- A thorough understanding of customer service-related performance metrics
- Experience in crisis management
- Understanding of regulatory frameworks such as AESCSF, SOCI Act
- Technical experience on Network security, Firewalls, IPS, Proxies, PAM Platforms, Endpoint security (AV/EDR), SIEM, Email security
- Due to the nature of the role, you are required to work 5 days onsite and be an Australian Citizen
Core Security Expertise
- Firewalls & Network Security: Cisco ASA/Firepower, Palo Alto (PAN-OS, Panorama) (preferred)
- Proxies & Secure Web Gateways: Prisma (preferred), Zscaler.
- VPN & Remote Access: GlobalProtect (preferred), Cisco AnyConnect, SSL/IPSec VPNs.
- Load Balancers: F5 BIG-IP, Citrix ADC.
- Microsegmentation: Illumio (preferred), VMware NSX, Cisco Tetration.
- NAC & Zero Trust: Cisco ISE (preferred), Aruba ClearPass, Zero Trust implementations.
- Threat Detection & EDR: Microsoft Defender for Endpoint (preferred), CrowdStrike, SentinelOne. Advantageous
- SIEM & Log Management: Splunk, Microsoft Sentinel, IBM QRadar (preferred)
Security certifications such as:
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Security Manager
- GSNA: GIAC Systems and Network Auditor: AUD507: Auditing Networks, Perimeters, and Systems
- GSLC: GIAC Security Leadership Certification: MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression
Exposure to Operational Technology (OT) / Industrial Control Systems (ICS) is preferred
Energy/Utilities experience is desirable