About the Consultancy
Join a leading international consultancy delivering managed cyber security services and large‑scale security uplift programs across critical infrastructure and highly regulated industries. You’ll work in a mature support environment with established technical capability, where the focus is on strong leadership, governance, and outcomes — not hands‑on engineering.
About the End Client
The end client is a major organisation operating within critical infrastructure, with strong regulatory and operational resilience requirements. This role supports an enterprise security operations function and works closely with stakeholders to ensure incidents, escalations, and service delivery are managed decisively and professionally. (Utilities experience is a plus, not a requirement.)
About the Role
We are seeking a highly experienced Security Operations Lead to act as the primary point of contact for the client and provide leadership across a hybrid onshore/offshore security operations support model. This is a leadership and operations role — not hands‑on — however you must have strong technical knowledge across common security domains to guide teams, challenge vendors appropriately, and speak with authority.
You will drive operational uplift, manage escalations, ensure accurate reporting, and provide strong incident leadership. The support structure is in place — the key requirement is someone who can take ownership, operate proactively, and run security operations in a mature, client‑facing manner.
Contract: 6 months initial, with long‑term extensions (as advised)
Location: Melbourne – onsite initially, moving to hybrid later (as advised)
Key Responsibilities
Security Operations Leadership (SOC / MSS)
- Act as the Security Operations Lead, ensuring cohesive service delivery across security towers and operational teams.
- Lead and coordinate a hybrid onshore/offshore support team, driving consistency, accountability, and delivery momentum.
- Take ownership of day‑to‑day operational outcomes, ensuring issues are driven to closure with clear action and accountability.
- Own and lead major incident management end‑to‑end: triage direction, escalation pathways, stakeholder comms, and post‑incident review.
- Drive proactive management of risks and recurring issues (problem management mindset, not “ticket handling”).
- Ensure fast, structured resolution of escalations in partnership with technical teams and vendors.
- Be the main POC for the client and internal technical teams, providing confident, clear, and authoritative communication.
- Lead operational cadence: service reviews, escalation calls, stakeholder updates, and vendor governance discussions.
- Translate technical themes into crisp business‑level reporting and decision options.
- Drive operational uplift initiatives across people, process, and tooling; improve responsiveness, consistency, and service maturity.
- Own reporting quality: accurate operational metrics, incident reporting, trends, and action tracking — delivered with authority.
- Support strategic roadmaps with vendors and stakeholders to improve operational capability over time.
- Ensure operations align with critical infrastructure obligations (including SOCI Act awareness where applicable).
You will need broad knowledge across security operations domains to lead effectively and guide SMEs, including:
- Firewalls & Network Security: Cisco ASA/Firepower, Palo Alto
- Proxies / SWG: Prisma (preferred), Zscaler
- VPN / Remote Access: GlobalProtect, Cisco AnyConnect, SSL/IPSec
- Load Balancers: F5 BIG‑IP, Citrix ADC
- Microsegmentation: Illumio (preferred), VMware NSX, Cisco Tetration
- NAC / Zero Trust: Cisco ISE (preferred), Aruba ClearPass
- Threat Detection / EDR: Microsoft Defender for Endpoint (preferred), CrowdStrike, SentinelOne
- SIEM (Desirable): Microsoft Sentinel, IBM QRadar
- Proven experience leading managed security service operations in a hybrid delivery model.
- Strong incident management leadership (major incidents, escalation management, and operational governance).
- Highly client‑facing with exceptional verbal communication — confident, articulate, and able to lead conversations.
- Proactive, ownership‑driven mindset (drives outcomes, not updates).
- Strong operational reporting discipline: metrics, trends, actions, and stakeholder‑appropriate communication.
- Experience in utilities / critical infrastructure is highly regarded but not essential.
- Melbourne‑based with onsite presence initially; hybrid later (as advised).
- 6‑month initial contract with strong extension runway (as advised).
- Senior, high‑visibility Security Operations Lead role with real ownership and influence.
- Established support structure and technical specialists in place — success comes from leadership, coordination, and proactive operations.
- Opportunity to work in a critical infrastructure context with meaningful operational impact.
Please upload your CV to apply. Suitable candidates will be contacted with next steps.
For further information, contact:
📞 Farbar Siddiq – 0489 922 211
📧 farbars@whizdom.com.au
