We’re working with a well-established, privately owned Australian organisation with over 50 years of history and a growing international footprint.
The security function is currently undergoing a significant uplift, transitioning from a heavily MSP-supported operating model to a more internally owned and engineered Security Operations capability.
You will be responsible for building and shaping the internal Security Operations capability, including engineering, detection, response, and vendor oversight.
This role has scope to grow into a Head of Security Operations position as the function expands.
What does this role look like?
Security Operations & Incident Response
- Own Security Operations engineering, including detection, escalation pathways, and incident response playbooks
- Design and continuously improve threat detection and response across endpoint, identity, cloud, network, and collaboration platforms
- Lead and coordinate major security incidents, acting as the technical authority in high-pressure situations
- Drive post-incident reviews and ensure improvements are embedded into tooling and processes
SOC & Vendor Oversight
- Provide hands-on oversight of CrowdStrike Falcon Complete
- Tune detections, refine runbooks, and ensure service quality
- Act as the internal technical authority to challenge and manage external providers
- Optimise tooling and vendor landscape to improve effectiveness and efficiency
Architecture & Roadmap
- Define and evolve Security Operations tooling architecture (EDR, SIEM/SOAR, email security)
- Maintain a forward-looking roadmap aligned to cyber strategy
- Support cloud, digital transformation, and AI initiatives from a security perspective
Email & Collaboration Security
- Own the security posture of Microsoft 365 (email, Teams, collaboration tools)
- Manage email security tooling (e.g. Abnormal AI, DMARC enforcement)
- Define and maintain phishing protection and email security baselines
What we’re looking for?
- Proven experience in Security Operations environments, with deep real-world SecOps exposure in high-pressure situations
- Confident handling SOC escalations through to resolution, taking ownership and driving outcomes under pressure
- A builder mindset, not just operational experience, someone focused on improving and maturing capability
Why this role?
- Genuine opportunity to own and shape Security Operations capability
- High autonomy with minimal bureaucracy
- Direct access to leadership and real influence on direction
- Strong culture of ownership, trust, and accountability
- A business where security is seen as an enabler, not a blocker
Salary?
This sits between roughly $180,0000 - $200,000 base salary + superannuation + bonus + other perks which can be disclosed.
WFH Arrangement?
This is a hybrid working environment. They've built a culture, so people want to come into a great office space. I'd expect 2 to 3 days in office presence per week.
If this sounds like you, please apply for a 100% fully confidential conversation.
Also feel free to email me your resume to harry@decipherbureau.com.
Thanks,
Harry