Who we are PM&C's Digital Security and Workplace Operations Division (DSWOD) is in the exciting stage of establishing a new dedicated Cyber Security Operations Centre (SOC) to uplift our cyber defence capabilities and enhance our ability to proactively detect and respond to cyber threats. The Cyber Operations team forms part of the Digital, Security, and Workplace Operations Division. Our division delivers workplace and business services that support PM&C and our shared service partners to operate effectively and deliver business outcomes. Our services span property, security, digital and information communications technology. What you will do Cyber Security Operations Centre (SOC) will serve as the central hub for monitoring, triage, and incident response across our ICT environments, providing real time situational awareness and threat intelligence to protect PM&C's digital systems and data. We are looking for leaders who are passionate about building high-performing teams and establishing scalable and modern SOC functions. As a new capability this is a unique opportunity to shape how the SOC is built and operated. You will: Manage and develop a team of cyber security analysts Oversee optimisation of cyber security technologies and platforms Monitor security events and coordinate the triage, investigation and response to cyber incidents Develop and exercise incident response plans and playbooks Provide regular reporting on SOC performance and threat trends to executive stakeholders Collaborate with ICT, cyber governance, executive and external stakeholders to ensure effective security operations. Cyber Threat Exposure Management (CTEM) team is a newly established capability within DSWOD. The team proactively identifies, assesses, and reduces exposure to cyber threats across PM&C's digital environment. The CTEM team provides visibility into the attack paths and exposures that adversaries could exploit, combining vulnerability management, attack surface analysis, threat intelligence, and prioritised remediation to continuously improve the PM&C's cyber security posture. The team works closely with Security Operations Centre, ICT, cloud, and Cyber Governance teams to focus resources on countering threats and vulnerabilities of most significance. As a new capability this is a unique opportunity to shape how CTEM is built and operated. You will: Lead the development of strong vulnerability and attack surface management processes and practices Oversee the effective detection, assessment, and remediation of cyber security vulnerabilities across PM&C Draw upon technical expertise to interpret reconnaissance scanning, identifying opportunities to minimise and harden the PM&C's cyber-attack surface Collaborate with technical and business stakeholders, communicating with influence to minimise the Department's exposure to cyber security threats and risk Lead, manage and develop members of the CTEM team Build and maintain strong relationships with internal and external stakeholders, including Government agencies, vendors, and industry partners. The key duties of the position include What you will bring As a Cyber Security Operations Centre Assistant Director , you will have: Demonstrated experience leading or managing operational cyber capabilities Working knowledge of SIEM, SOAR, EDR and log management technologies Experience developing SOC processes, playbooks and team structures Strong leadership, team building and stakeholder engagement skills Strong understanding of government cyber security requirements and frameworks such as the ISM and PSPF. Relevant qualifications or industry certifications would be highly regarded. As a Cyber Threat Exposure Assistant Director , you will have: Demonstrated experience leading vulnerability management, threat assessment, or cyber risk management functions Strong understanding of vulnerability types (e.g. CVEs, OWASP Top 10, cloud misconfigurations) and common exploitation techniques Experience using vulnerability scanning and assessment tools Knowledge of security patching, secure configuration, and system hardening practices. Familiarity with the Australian Government ISM, PSPF, and Essential Eight mitigation strategies Strong analytical, communication, and stakeholder engagement skills.
