Security Operations Team Lead

Job Description

Based in Melbourne Australia, MedHealth are currently seeking someone with a high level of initiative, an outgoing personality, and a professional can-do attitude to join our team.

The Security Operations Team Lead is responsible for coordinating and delivering day-to-day operational cybersecurity activities, with a focus on incident response, security tools management, and ticket escalations.

This is a hands-on technical role that provides leadership and guidance to the security operations and engineering team while ensuring the effective operation of core cybersecurity capabilities across the enterprise.

Working closely with the Cyber Security Manager, this role will support the secure operation of systems and services, lead technical responses to threats, and continuously improve the organisation’s cyber resilience.

• Lead and coordinate the daily operations of security operations for security alerts and incidents, ensuring timely investigation and response.
• Manage and optimise the operation of core security tools (e.g., SIEM, EDR, CASB, DLP, CSPM, vulnerability scanners).
• Maintain operational runbooks, processes, and reporting metrics to support consistent and effective service delivery.
• Provide guidance and oversight for BAU security initiatives, collaborating with senior engineers and project teams.
• Coordinate resource planning and task assignment for day-to-day security operations
• Act as the primary escalation point for complex technical security incidents and coordinate cross-functional investigation and remediation.
• Drive root cause analysis and post-incident reviews, contributing to continuous improvement efforts.
• Support the integration of threat intelligence and detection engineering into operational workflows.
• Contribute to the design, implementation, and continuous improvement of security architectures and control solutions.
• Ensure that operational security activities are aligned with enterprise risk and compliance requirements.
• Provide day-to-day leadership and mentoring to security team, supporting their development and technical growth.
• Promote a collaborative and high-performance culture within the security operations team.

Qualifications

• 5+ years of experience in technical cybersecurity roles, with a focus on security operations or engineering.
• Demonstrated experience managing or coordinating incident response and operational cybersecurity workflows.
• Experience leading a team or acting as senior role within a larger team.
• Hands-on expertise with enterprise security tools (e.g., SIEM, EDR, vulnerability scanners, CASB, DLP, cloud security platforms).
• Strong grasp of modern attack techniques, TTPs (e.g. MITRE ATT&CK), and threat actor behaviours.
• Strong Cloud (Microsoft Azure) and Office 365 knowledge
• Solid understanding of networking, operating systems, cloud infrastructure (Azure), and identity systems.
• Relevant certifications desirable (e.g., GCIA, GCIH, CISSP, Azure/AWS Security, OSCP).

Additional Information

You are welcome here.

Our fast-growing team of more than 3,500 people around Australia represent a huge array of life experiences, skills and ways of thinking. We value all these differences. 

We are an Equal Opportunity Employer, proudly welcoming people with disability including mental health conditions, people from diverse cultural and linguistic backgrounds, people from the LGBTQI community, veterans, carers and Indigenous Australians to our team.

We are happy to adjust our recruitment process to support accessibility needs.