Cyber Operations Lead

Job Requisition ID: 3925

Legal Entity: Monash Health

Location:

Clayton, VIC, AU, 3168

Employment Type: Full Time

Posting Date: 18 Mar 2025

Monash Health is a great place to work

Monash Health is Victoria’s largest and most comprehensive health service. For more than 170 years, Monash Health and its predecessors have provided safe, high-quality healthcare and service for people at every life stage. With 25,500 employees, we provide care across south-eastern metropolitan Melbourne and rural Victoria from over 40 locations; via telehealth, within local communities and in people’s homes.

To see first-hand what our colleagues think about working here, take a look at the following short videos: monashhealth.org/careers.

About the Role

The Cybersecurity Operations Lead will play a crucial role within Monash Health's Cybersecurity Team:

While they are a security generalist within a dynamic team, they will focus on the management and resolution of cyber incidents, detection of potential threats, and remediation of identified vulnerabilities.

They will lead thorough analysis of incidents (both by doing this and by coaching others) and develop processes that can be followed by other cyber analysts and incident responders.

They will drive continual improvements to our cyber detection, automation, investigation, and prevention tools and processes.

They will also support the operationalisation of other security and IT projects to ensure that security policies and procedures are followed in other parts of IT operations, including asset management, change management, incident management and release management.

The Cyber Security Operations Lead will be pivotal in ensuring that Monash Health's digital transformation journey is secure, resilient, and prepared for the future of healthcare delivery.

Key result areas:

Lead the cyber incident management process, ensuring timely detection, response, and resolution of cyber threats and management of our SIEM and alerting systems.

Lead the detection, triage of vulnerabilities and work with teams to ensure their timely resolution, including automating the processes of notifying teams and reporting.

Lead the relationship with our Threat Intelligence providers to ensure that this information is operationally implemented in our environment.

Set, monitor and report on Key Performance Indicators and Key Risk Indicators for Cybersecurity operations.

Oversee the implementation and optimisation of cybersecurity tools, processes and technologies to enhance cyber incident detection and response capabilities and vulnerability detection and management capabilities.

Be on call as a part of our security incident roster alongside other technical security staff.

Manage on call and escalation processes for cybersecurity incidents, not including our outsourced 24x7 on-call SOC.

Provide coaching, training and material to staff involved in responding to cyber security incidents.

Consult on the implementation of other tools to enhance asset management, change management, incident management more broadly.

Conduct Post-Incident Reviews (PIRs) to identify root causes, lessons learned, and areas for improvement.

Collaborate closely with the Digital and Information team, Risk Management, Emergency Management, and Business Continuity teams to ensure that processes are effective and risks are managed in technology resilience.

Foster a proactive cybersecurity culture within Monash Health, promoting awareness and best practices among staff, especially among technology operations staff.

Continuously improve operational procedures and complete appropriate support documentation when procedures change.

Develop and maintain a friendly and co-operative working environment; fostering strong working relationships with all colleagues to deliver quality outcomes.

Build and leverage relationships internally across Digital teams.

Provide quality assurance for all operational and project deliverables including documentation requirements, design, test plans and handover documentation.

Participate in ad hoc projects as directed by the Head of Cybersecurity.

Other duties as assigned from time to time by the Head of Cybersecurity.

About You

Qualifications/registrations/licences (italics indicate desirable):

Tertiary and/or Industry Qualifications in relevant field

Industry Certifications relating to service delivery methodologies (such as ITIL)

Industry Certifications relating to security management (such as CISM, CISSP)

Technical skills/knowledge/experience:

Prior experience in a senior security operations role or similar

Prior experience working in a hands on environment managing security incidents, vulnerabilities

Advanced analytical troubleshooting skills

Advanced process mapping, scripting and automation skills

Knowledge of Microsoft Windows client and server based operating systems, Linux and Cisco networks

Knowledge of Microsoft 365, Microsoft Teams/SharePoint, Defender, SCCM and Intune

Knowledge of Active Directory, Group Policy, and Exchange

Knowledge of Forescout, Tenable, Mimecast and Proofpoint

Experience with PowerShell and Scripting languages.

Familiarity with networking services: DNS, DHCP

Knowledge of ITIL standards and technology operations processes

Exposure to VMWare, Citrix

Ability to retain forensic evidence from a security investigation

Advanced skills in facilitating incident meetings and post incident reviews

Capabilities:

Thoroughness and Diligence

Experience in dispute resolution and managing stress under pressure

Demonstrated ability to achieve set Key Performance Indicators (KPI)

A strong desire and capability to listen, analyse and recommend

Strong capability to lead and direct others in troubleshooting incidents

Excellent interpersonal and relationship building skills, especially with other technical stakeholders

Excellent time and personnel management skills

Ability to work within deadlines

Ability to work unsupervised

Is consistent, reliable, and approachable

Offers to help others in achieving common goals

Maintains ongoing communication with others to ensure a ‘partnership approach’ to goal achievement

Takes time to understand and address others’ requests

Demonstrates respect for others in all interactions

Considers the impact of own actions on others

Presents opinions, ideas and/or facts clearly with enthusiasm

Strives to deliver quality, timely patient/client service

Works effectively with a diverse range of people

Helps others feel welcome and included

Deals constructively with mistakes and setbacks

Has a realistic view of own strength and weaknesses

Measures own improvement in performance against learning undertaken

Has a positive ‘can do’ attitude

Regularly seeks feedback both informal and formal on progress and performance

Takes pride in managing own time and resources effectively

Consistently delivers high quality, best practice care – even under time pressures

What we offer:

Salary packaging

On-site fitness centre

On-site subsidised car parking

Monthly ADO’s (available for full-time employees)

Free lifestyle management seminars (superannuation, retirement, etc.)

Access to salary packaging, private health insurance and industry banking at competitive rates.
Flexible/ Work From Home arrangements

For a confidential discussion and to explore the opportunity further, please call Tristan Lawrence on 0455 466 644.

Position Description can be found here

We recognise the value of equal employment opportunity. We are committed to patient safety, promoting fairness, equity and diversity in the workplace and to Child Safe Standards. At Monash Health we are relentless in our pursuit of excellence and work to our six guiding principles and our five ICare values.

How to Apply

Applications are accepted via the Monash Health online EHub system. For information including how to apply and probity check requirements, please click here for the ‘Application Guide’

Applications will be screened upon receipt and selection activity may commence prior to the closing date.

Applications close April 15th, 2025.