Job Description

As our Cyber Security Lead, you'll be responsible for leading the day-to-day technical cybersecurity operations for the data centre and acting as the senior escalation point for security incidents across IT and OT environments. In this role you'll primarily be hands-on, providing technical leadership, coordination, and mentorship to the security operations team.

Within this position, your scope will cover:

- Leading and managing the execution of cyber security strategies, frameworks, and architectures to protect NEXTDC's operating environment.
- Developing and implementing strategies for threat detection and vulnerability management using tools like ClamAV, Junos, and EndPoint Security solutions.
- Designing and executing application security initiatives, including vulnerability assessments, secure coding practices, and penetration testing.
- Designing and executing data security measures, ensuring encryption, data loss prevention (DLP), and secure storage solutions are in place.
- Leading the daily security operations activities (monitoring, triage, investigation, and response) and acting as technical escalation point for complex or high-severity incidents.
- Coordinating and guiding security analysts/engineers during incident handling, ensuring that investigation steps, containment, eradication, and recovery actions are executed correctly and documented.
- Mentoring junior security engineers/analysts, providing technical guidance and on-the-job training, and contributing input into performance and development discussions.
- Acting as the technical point of escalation for Cyber Security operations and any related issues, participating in after-hours support as needed.
Your technical skillset will include:

- In-depth understanding of the latest cybersecurity threats, vulnerability management techniques, and incident response protocols.
- Expertise in managing cybersecurity tools like firewalls, IDS/IPS, VPNs, Zscaler and Defender for security and endpoint protection, including policy configuration and troubleshooting.
- Strong hands-on experience with SIEM and log analysis tools (e.g. Splunk, Elastic, Microsoft Sentinel, or similar), including query creation, correlation rules, and dashboards.
- Familiarity with vulnerability management platforms, ticketing/ITSM tools, and basic SOAR or automation playbooks for incident response.
- Solid understanding of common attack techniques, MITRE ATT&CK concepts, and incident response methodologies.
- Working knowledge of security requirements for OT/ICS environments and zone/segmentation concepts.
- Strong troubleshooting and analytical skills, able to lead investigations and make clear technical decisions under time pressure.