Cyber Fusion Center Principal (SOC Manager) - USDS

Sydney, New South Wales, Australia


About the Team
The TikTok Cyber Fusion Center is a global brand with locations opening in Washington D.C., Australia, and the UK. A Cyber Fusion Center comprises specialized, highly proficient security professionals who enable rapid and informed response to protect the company from cyber threat scenarios.

The Fusion Center Principal will lead the TikTok US Cyber Fusion Center in Sydney, Australia. You will build and lead the team, and the processes and technologies it relies on, with the overarching goal of detecting and responding to threats that could impact TikTok's US operations.

Responsibilities:
As the Fusion Center Principal (SOC Manager), you will lead from the front in protecting our enterprise against evolving cyber threats. You will drive the strategy, execution, and daily operations of a high-performing team tasked with safeguarding critical assets in a fast-paced, highly technical environment. Your core responsibilities include:
- Team Leadership and Development: Recruit, mentor, and empower a multidisciplinary team of analysts, engineers, and incident responders. Foster a culture of technical excellence, continuous learning, and rapid response.
- Operational Excellence: Oversee 24x7 monitoring, triage, escalation, and incident management workflows. Ensure efficient case management, investigation quality, and SLA adherence across all shifts.
- Threat Detection and Response: Continuously refine detection logic, threat hunting strategies, and containment playbooks. Partner closely with Detection Engineering and Threat Intel teams to stay ahead of adversaries.
- Tooling and Automation: Drive the optimization of SIEM, SOAR, EDR, NDR, and threat intel platforms. Champion the use of automation to reduce manual effort and increase response speed and consistency.
- Incident Command: Lead critical incident response efforts, coordinating technical teams, communication streams, and post-incident reviews with precision and composure under pressure.
- Metrics and Reporting: Build and deliver high-quality operational reporting and KPIs that inform leadership, demonstrate SOC effectiveness, and uncover areas for improvement.
- Continuous Improvement: Evolve our detection and response capabilities through purple team exercises, adversary emulation, tabletop drills, and root cause analysis.
- Cross-Functional Collaboration: Work hand-in-hand with Product Security, Cloud Security, IT, Compliance, and other partners to build an integrated, defense-in-depth security ecosystem.
- Strategic Planning: Set the SOC’s vision and roadmap, ensuring alignment with broader security and business objectives. Advocate for resources, technology upgrades, and process improvements to future-proof the operation.
This role is an opportunity to make a real impact, blending technical mastery, leadership, and innovation to defend against tomorrow's threats today.

Knowledge & Skills:
- Strong leadership skills and the ability to foster a collaborative, high-performing team.
- Excellent analytical and problem-solving skills.
- Excellent communication skills (verbal and written), ability to influence without authority.
- Ability to balance risks in ambiguous and complex situations.
- Demonstrated teamwork and collaboration skills, in particular in leading or contributing to multi-functional teams.
- Extensive incident handling experience
- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale
- Expertise in performing or overseeing malware analysis
- Expertise in performing or overseeing digital forensics for incident response
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Strong experience with *NIX and Windows environments
- Strong expertise in networks and networking principles
- Strong technical depth in cloud environment incident response
- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures

General Skills:
- Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations.
- Works well under pressure and within time/budget constraints to solve problems or meet objectives.
- Excellent fundamental knowledge of industry standard frameworks such as MITRE ATT&CK and NIST CSF
- Ability to communicate technical concepts to a broad range of technical and non-technical staff.



Perks/benefits: Career development

Region: Asia/Pacific
Country: Australia
