Senior Security Operations Engineer - SecOps

Macquarie Park, NSW, AUSTRALIA

Metcash

Metcash is Australia’s leading wholesale distribution and marketing company with a diversified business across food, grocery, hardware and liquor sectors.


 

Joining the Metcash Family 
At Metcash, you’re part of something bigger. You have all the perks of a small business heart, without missing out on the big business support. 
Being part of something bigger means you’re part of a strong purpose, where the work you do makes a big difference to independent business and local communities. It opens a sea of opportunities to develop yourself, grow your career, thrive your way and make your mark. And you’ll be part of our high performing team, where you reap the rewards of our collective success now and into the future. 

 

About the Opportunity 
Exciting new opportunity to join Metcash as a Senior Security Operations Engineer – SecOps. This role will be responsible for the management of Metcash Security Operations and Incident Response.

The role blends management of the SOC/SIEM and SOAR provided by an MSSP, to identify and safeguard the organisation from intrusion, security threats, security weaknesses, software bugs and exploits, with hands-on work across several key security tool technologies.

 

In this Role 
•    SOC/SIEM Management: Oversee SOC/SIEM services, ensuring the implementation of ASD’s Essential Eight and NIST standards, monitoring security systems, and responding to complex cybersecurity incidents.
•    Incident Response Leadership: Manage Cyber Security Incident Response, including incident criticality assessment, containment, mitigation, and communication of major incidents to leadership.
•    Collaboration & Coordination: Establish strong relationships with internal and external teams (MSSPs, IT, Legal, DFIR) to support effective incident response and continuous improvement of security monitoring.
•    Continuous Improvement of Security Monitoring: Drive ongoing enhancements in security detection and monitoring practices, conducting regular audits to ensure alignment with best practices as Metcash evolves.
•    Forensic Investigation & Insider Risk: Investigate cybersecurity incidents using forensic tools (e.g., SIEM, O365 Security), support HR/Legal in data searches, and manage digital forensics and preservation of evidence.
•    Security Policies & Compliance: Ensure compliance with industry standards and regulations, such as SOCI, ASD Essential 8, and NIST, and work with IT to align with Group IT security policies.
•    Cybersecurity Playbooks & Incident Response Plans: Develop, refine, and maintain Cyber Security Incident Response Plans, including playbooks, contact lists, and response protocols for various incident scenarios.
•    Security Automation: Collaborate with DevOps teams and MSSPs to automate security workflows, playbooks, and identity lifecycle events using tools such as Azure Logic Apps and Automation.
•    Team Management & Development: Manage and develop the team responsible for security tools (e.g., Defender for Cloud, CrowdStrike), ensuring a smooth transition from MSSP to in-house support and fostering a high-performance culture.
•    Documentation, Reporting & Metrics: Maintain comprehensive incident response documentation, implement monitoring and alerting tools, update security metrics dashboards, and report on security performance to leadership.

 

You’re Likely a Match If 
•    6+ years’ hands-on experience within Azure, across components such as Defender, Purview and other security components
•    Experience running major incident response recovery
•    Experience running internal investigations and working with internal teams and external DFIR specialists
•    Strong knowledge of federated identity systems, directory services, role-based access control, multi-factor authentication and SSO and related standards 
•    Familiarity with Continuous Integration and Delivery pipelines (Azure DevOps)
•    ITIL and IT Service Management.
•    Experience building Azure security practices (DevOps, DevSecOps)
•    Vendor management and SLA oversight experience
•    Bachelor’s degree in information technology, cyber security, or relevant industry experience.
•    Relevant security certifications such as EC-Council C|EH, C|HFI, C|SA, GIAC Security Operations Certified (GSOC), GIAC Experienced Forensics Examiner (GX-FE), GIAC Experienced Incident Handler (GX-IH), SANS Digital Forensics, Incident Response & Threat Hunting, etc.
•    Industry Experience in Logistics/Supermarket/Retail/Wholesale is favourable  
•    Effective communicator and presenter; ability to communicate complex concepts clearly, both verbally and in writing 
•    Experience with scripting languages such as PowerShell and using Microsoft Graph API
•    Sound knowledge of common Indicators of Compromise (IOC), Advanced Persistent Threats (APTs), or Advanced Cyber Threat tactics, techniques and procedures (TTP) – including methods for detecting these incidents 
•    Team orientated, collaborative; relates well to people at all levels 
•    Analytical mindset, adept at problem-solving and implementing practical solutions.
•    Strong ability to work under pressure and adapt to change in a high-paced environment

 

Life at Metcash 
•    Experience a supportive and flexible work environment. We are a FlexReady accredited workplace!
•    Enjoy a 5th week of annual leave every year after your first year.
•    Benefit from 2 well-being days and 1 volunteer day annually.
•    An abundance of learning, development, and career growth opportunities.
•    12 weeks of gender-neutral paid parental leave for primary carers.
•    Proudly awarded “Bronze Employer for LGBTQ Inclusion”.
•    Recognised as 45th in the global "Equileap Top 100" for initiatives on gender equity.
•    A neutral gender pay gap of under 5% as published by WGEA 2022-2023.
•    Gold accreditation by Mental Health Australia.
•    Incredible value discounts and perks through our team member app, “Our Local”.


About Us 
Metcash is Australia’s leading wholesale distribution company, with revenue exceeding $18 billion in FY23. We’re also an ASX top 100 listed company.
We believe that it is absolutely vital to Australia that there is a sustainable, independent, family-owned business sector. Independent retailers support their local communities. We help them to be the ‘Best Store in Their Town’ by providing merchandising, operational and marketing support across our food, liquor and hardware pillars.
We're dedicated to fostering diversity and inclusion in our workplace and are proud to be an equal opportunity employer. Joining our team means becoming part of something bigger, a company that actively promotes diversity, champions charitable causes, and supports environmental efforts. We welcome applications from individuals of all backgrounds, including First Nations. If you have any specific support or access needs, please don't hesitate to inform us when you apply. Rest assured, your personal information will be handled with the utmost confidentiality in accordance with applicable privacy laws.

 

Join us and be part of something bigger!

 

 
