About the job

Join our Downer Professional Services team and play a key role in delivering complex defence and national security projects that safeguard Australia’s future.

Downer Professional Services comprises of three business units our Technical, Advisory, and Capability consulting practice, and Team Downer, which partners with CASG and NSSG as a major service provider to Defence. Together, we are a multi-disciplinary advisory and delivery partner of choice for clients across Defence and National Security.

We currently have an opportunity for a Cyber Security Team Lead in Canberra to work for a Cyber Security program within Defence. You will be leading a team focused on cyber security risk mitigations across multiple Products internal to the team; delivering support services, specialist advice and reporting against hardware/software vulnerability monitoring, cyber supply chain risk management, Defensive Cybersecurity, incident response and ad-hoc specialist consultation.

What You’ll Do

This role offers a broad scope, with key role responsibilities including:

• Conduct of vulnerability management activities, stakeholder communications and reports across all COSPO Products.
• Maintenance and execution of the Cyber Supply Chain Risk Management Plan.
• Leadership of threat hunt planning, execution and reporting.
• Cyber security operations of COSPO products including development and maintenance of Standard Operating Procedures.
• Analysis and application of Cyber Threat Intelligence (CTI) to COSPO Products.
• Cyber Security stakeholder engagement within broader Defence Digital Group and Defence Department.
• Leadership of one Cyber Security Specialist and technical control of Product Team GRC personnel.

What You’ll Bring

• Cert IV (or equivalent) in either Cyber Security or Intelligence Operations or Security and Risk Management.
• ICT Security Governance, Risk and Compliance (GRC) or equivalent experience.
• Open-source intelligence analysis, risk assessments and technical reporting.
• ‘SOC- like’ Cyber Incident response, as both an analyst and manager.
• Threat modelling, threat hunt planning and execution.
• Implementation of Security Tools and Monitoring Systems within small Enterprise networks.
• Security Information and Event Management (SIEM) optimisation and tuning.

Due to the nature of the work, you are required to currently hold and maintain an AGSVA Security clearance as required by the Commonwealth. In some instances, compliance with International Traffic in Arms Regulations (ITAR) requirements may also be an inherent requirement.

More than anything, you’ll bring a strong work ethic, a positive attitude, and a commitment to delivering high-quality outcomes for our clients.

Why Downer Professional Services

At Downer Professional Services, we’re not just a workplace - we’re a business dedicated to contributing to the shaping of the future of defence in Australia. As the country’s only sovereign prime, we’re committed to making a real difference in protecting Australia’s interests.

What is means to belong at Downer Professional Services

• Meaningful work: Help to deliver critical Defence projects that protect Australia and shape its future.
• Professional development: Access career mapping, accelerated learning programs, and shared learning through our Communities of Practice.
• Great perks: Enjoy discounts on healthcare, retail, vehicles, and more through Perks@Downer.
• Veteran support: Benefit from initiatives like up to 20 days of Reservist Leave to stay connected post-service.

• Conduct of vulnerability management activities, stakeholder communications and reports across all COSPO Products.
• Maintenance and execution of the Cyber Supply Chain Risk Management Plan.
• Leadership of threat hunt planning, execution and reporting.
• Cyber security operations of COSPO products including development and maintenance of Standard Operating Procedures.
• Analysis and application of Cyber Threat Intelligence (CTI) to COSPO Products.
• Cyber Security stakeholder engagement within broader Defence Digital Group and Defence Department.
• Leadership of one Cyber Security Specialist and technical control of Product Team GRC personnel.

• ICT Security Governance, Risk and Compliance (GRC) or equivalent experience.
• Open-source intelligence analysis, risk assessments and technical reporting.
• ‘SOC- like’ Cyber Incident response, as both an analyst and manager.
• Threat modelling, threat hunt planning and execution.
• Implementation of Security Tools and Monitoring Systems within small Enterprise networks.
• Security Information and Event Management (SIEM) optimisation and tuning.

• Cert IV (or equivalent) in either Cyber Security or Intelligence Operations or Security and Risk Management.