Job description
Position Overview
This position is responsible for helping the Entity to protect, detect, and respond to Cyber Security threats. The successful candidate will be required to act as a productive member of the Cyber Security team within the Cyber Security Engineering function. The role is responsible for collecting and analysing data and alerts from various sources to identify and respond to incidents and events.
In addition, the role creates playbooks, develops incident response plans, produces reports, and provides technical advice.
The key duties of the position include:
Duties
Analyse system data and alerts from various sources to identify suspicious or malicious activity.
Investigate and respond to cyber events and incidents.
Develop Cyber Security documentation including playbooks and incident response plans.
Provide technical advice regarding Cyber Security Operations and access controls.
Configure, manage, and integrate security tools such as EDR and vulnerability management.
Monitor work queues and mailboxes to provide security help and expert advice.
Work collaboratively in a multi-disciplinary environment, fostering teamwork and group activities.
Eligibility
Qualifications and experience
Experience with Cyber Security incident response and best practice would be highly regarded.
Experience with a SIEM tool (e.g. Splunk, Sentinel) would be beneficial.
Experience with vulnerability management tools (e.g. Tenable) would be beneficial.
Experience with Microsoft Defender products would be beneficial.
Understanding of Azure and M365 from a security perspective would be highly regarded.
Relevant certifications and qualifications, such as CISSP, would be highly regarded.
Selection Criteria
Demonstrated ability to conduct analysis of logs and alerts from various sources.
Ability to create and maintain security documentation such as playbooks.
Ability to manage security tools and programs, including identifying efficiencies through integrations and automation.
Proficiency in applying security practices and principles, including vulnerability management, and adherence to industry standards.
Ability to create reports and provide appropriate recommendations to achieve security outcomes.
Excellent written, verbal, and interpersonal skills.
Notes
Aboriginal and Torres Strait Islander people are strongly encouraged to apply.
Getting to know the Federal Court of Australia
The Chief Executive Officer and Principal Registrar of the Federal Court, together with officers and staff identified under the Federal Court of Australia Act 1976, the Federal Circuit and Family Court of Australia Act 2021 and the Native Title Act 1993, constitute a single Statutory Agency for the purposes of the Public Service Act 1999. Employees are engaged to work in support of the following courts or tribunal:
Federal Court of Australia,
Federal Circuit and Family Court of Australia, and
National Native Title Tribunal.
Employees are covered by the Federal Court of Australia Enterprise Agreement 2018–2021. The Federal Court and the Federal Circuit and Family Court each maintain a distinct statutory identity, with separate functions and judicial independence.