Head of Cyber Security Operations

Melbourne | Hybrid | National Health & Aged Care Organisation

Reports to: Chief Information Security Officer | Permanent

Lead security operations and deliver a multi-year cyber uplift that protects mission-critical clinical and enterprise systems across Australia.

We’re partnering with a large, purpose-led national health and aged-care organisation, operating across hospitals, aged-care facilities, and community services. This is a key leadership role responsible for strengthening resilience, maturing cyber operations, and uplifting capability across a highly regulated environment.

The Opportunity

As Head of Cyber Security Operations, you will own end-to-end delivery of threat and vulnerability management, incident detection and response, operational security engineering, and governance of core security platforms.

You’ll build and execute a 3–5-year uplift roadmap, embedding frameworks such as NIST CSF, ISO 27001 and protective security standards while accelerating capability maturity, automation, and operational efficiency.

This role combines strategic leadership with hands-on execution and the opportunity to make a meaningful national impact.

Key Responsibilities

• Lead the Security Operations (SecOps) function, including detection, response, SIEM oversight, vulnerability management, and continuous monitoring.
• Own delivery of the Cyber Security Uplift Program — scope, plan, govern, resource and transition programs to BAU.
• Embed NIST CSF, ISO 27001, Essential 8 and protective security requirements into operational processes.
• Oversee major cyber incident response, including simulation, readiness, escalation and reporting.
• Benchmark and uplift operational capability, introducing automation, analytics and continuous improvement practices.
• Engage senior stakeholders across Digital, Technology and Operations to ensure alignment and risk-based decision-making.

About You

You are an operational cyber leader with deep experience strengthening SecOps capability in complex, regulated environments.

You bring:

Industry / Enterprise-Scale Experience in Regulated Environments

Experience across health, government, financial services or other regulated sectors, with strong understanding of compliance obligations and operational risk. You’ve delivered uplift using frameworks such as NIST, ISO 27001, CPS 234, AESCSF, SOCI or NSW Cyber Security Policy.

Tenure, Delivery Credibility & End-to-End Execution

A proven record of taking major cyber uplift programs from business case through to delivery and BAU. You bring stability, accountability, and measurable outcomes.

Operational Leadership Beyond Architecture or Design

Hands-on SecOps leadership, including SOC uplift, SIEM/SOAR/EDR optimisation, vulnerability management, detection tuning, and leading significant cyber incidents. You build teams, mature operational capability, and drive real-time decision-making.

You’ll Also Bring:

• Strong technical foundation in cyber operations, risk, and incident response
• Excellent executive communication and stakeholder engagement skills
• Relevant tertiary qualifications and/or professional certifications (CISSP, CISM, etc.)

Why You’ll Want This Role

• National impact: Strengthen the security posture of essential health and aged care systems
• Ownership: Lead SecOps with full accountability and influence
• Purpose: Join a values-driven organisation delivering critical services
• Package: Circa $220K (incl. super) + generous NFP salary packaging

👉 Apply now or contact Vicki Woodcock for a confidential discussion