SOC Manager

at  Medibank

WILL YOU ACTIVELY CREATE A HEALTHIER FUTURE FOR TOMORROW?

At Medibank we’re encouraged to think big. We have a clear purpose to impact better health outcomes for our customers, patients and our community.
We celebrate diversity of thought because we want to make better decisions for our customers. As we work towards our goal of better health for better lives, we value the knowledge and contribution of Aboriginal and Torres Strait Islanders. We are working hard to create an inclusive workplace and develop Indigenous careers.

YOUR EXPERIENCE WILL INCLUDE:

• Experience in managing a SOC with detailed Standard Operating Procedures and managing a next generation SIEM and SOAR toolset for Security Incident Management for a large organization.
• Highly technical and analytical, possessing 5+ years in one or more of the following roles as a technical leader, IT operations, systems administration, software engineering, system engineering, digital forensics, security engineering or detection engineering.
• 5+ years’ experience in information security or a related field.
• Experience in mentoring, coaching, and leading a team to ensure they develop into highly skilled SOC Analysts and Threat Hunters.
• Demonstrated oral and written communication skills, with the ability to communicate technical information to other technical audiences.
• Data-driven analytical approach toward solving complex challenges and driving improvements over time.
• Ability to prioritize workload and manage expectations under pressure.
• A passion for information security and a history of contribution to the security community.
• Understanding and experience with TCP/IP and networking equipment such as switches, firewalls, and routers.
• Hands-on experience managing Windows and Linux environments.
• Experience with one or more of Python, Perl, Bash, Go, C/C++ and/or Java.
• One or more security-related certifications, such as CISSP, CEH, CISA, CISM, SECURITY+, etc.
• Ability to think like both an attacker & defender.

• Managing our Security Operations Centre for Incident Response and Remediation by creating Standard Operating Procedures and processes and providing technical leadership and guidance to the team.
• Utilising your extensive knowledge in security technologies, information systems, processes, and procedures, you will play an instrumental role in mentoring and coaching the team.
• Promotion of learning and development within the team through assignments and exercises to introduce them to newer threats and exploits.
• Assisting Security Delivery team in designing, planning, and implementing security solutions for the organization.
• Managing the Enterprise SIEM platform for faster detection and response for Security Incidents.
• Creating SOAR playbooks to automate response to common Security and Infrastructure events.
• Deliver and maintain operating procedures and security controls for compliance against most common security standards and frameworks like PCI-DSS, NIST, etc
• Manage rulesets and configurations of systems that generate security event data, tune alerting and reporting of security event data sources to optimise systems and ensure they are stable and current.