An ongoing opportunity is available as a Cyber Incident Controller to make a real impact across the Department and Schools.
Key Responsibilities
-
Lead and control cyber security incidents from detection through containment, eradication, and recovery
-
Lead Cyber Security Incident Response Team (CSIRT) meetings and provide clear, timely updates and advice to stakeholders
-
Manage the workflow ensuring incidents are allocated and coordinated with the relevant internal and/or external teams as required and maintains oversight and coordination until closure.
-
Analyse events and incidents to determine severity, impact, and long-term consequences to categorise appropriately to initiate response
-
Supports in analysis, investigations and remediation of threats and vulnerabilities
-
Develop and provides inputs to incident, operational, situational and compliance reports and data insights on incidents, threats, vulnerabilities, and response effectiveness
-
Performs stakeholder management by working closely with internal teams, external partners, other government agencies to coordinate efficient response to incidents and threat advisories
-
Perform other Security Operational activities to support maintenance and uplift of Department's security posture
Skills & Expertise
-
Strong understanding of NIST Cybersecurity Framework, Incident Response framework
-
Knowledge of attack tactics, techniques, and procedures using the MITRE ATT&CK framework
-
Strong understanding of security operations practises
-
Understanding of cloud platforms
-
Proven ability to lead cross-functional teams during high-pressure situations.
-
Strong decision-making and crisis management capabilities.
-
Excellent stakeholder engagement and executive communication skills.
-
Ability to influence outcomes without direct authority.
-
Strong written and verbal communication.
-
Ability to translate complex technical issues into business-focused language.
-
Experience presenting to senior executives and crisis management teams.
-
Hands-on experience in the use of various security platforms namely MS Sentinel, Defender, ServiceNow, Tenable
About the role
The Cyber Incident Controller plays a critical role in protecting the Department, including schools, by leading the detection, management, and response to cyber security incidents. This position provides incident response leadership by operating the Cyber Security Incident Response Service in accordance with the Department's Cyber Security Incident Response Plan (CSIRP).
The role provides operational leadership during cyber incidents, ensuring effective containment, eradication, recovery, stakeholder communication, and post-incident review while minimizing business disruption and cyber risk. Working in a fast-paced, high-volume, and complex environment, using a wide range of enterprise security platforms, the role will manage and coordinate incidents, cyber threat intelligence and deliver cyber advice to enhance the Department's overall security posture.
The role develops high-quality reporting and data insights for internal and external stakeholders on cyber incidents, threats, and vulnerabilities to inform performance, recovery, and remediation activities. The role will work closely with multi-disciplinary ICT teams, school technical teams, other divisions, and external agencies including the Victorian Government Cyber Incident Response Service (CIRS), the Australian Signals Directorate (ASD), and the Office of the Victorian Information Commissioner (OVIC) to support efficient response to threats.
Qualifications & Experience
-
Bachelor's degree or Diploma in Cyber Security or a related field
-
Minimum 3–4 years demonstrated experience in cyber incident response and se curity operations in a similar, large and complex environment
-
Proven experience leading cyber incident response activities
-
Proven stakeholder management experience and report writing skills
-
Experience leading responses to ransomware, malware, data breach, insider threat, phishing, cloud security, and advanced persistent threat (APT) incidents.
Desirable
- Experience in Threat hunting and advanced investigations
-
Cybersecurity Certifications:
-
CC
-
CISSP
-
Security+
-
SANS Digital Forensics or Incident Response certifications
How to apply
Applicants are encouraged to include a Curriculum Vitae and a Cover letter addressing the key selection criteria provided in the position description.
Further Information
For more details regarding this position please see attached position description.
The department values diversity and inclusion in all forms - gender, religion, ethnicity, LGBTIQ+, disability and neurodiversity. Aboriginal and Torres Strait Islander candidates are strongly encouraged to apply. For more information about our work, working for the Department, diversity and inclusion, and our employment conditions visit the Department website and our Diversity and Inclusion page
Applicants requiring adjustments can contact the nominated contact person.
Information about the Department of Education's operations and employment conditions can be located at www.education.vic.gov.au.
For further information pertaining to the role, please contact
Ashok Sangra – Manager viaemail at
[email protected]
Preferred applicants may be required to complete a police check and may be subject to other pre-employment checks. Information provided to the Department of Education will be treated in the strictest confidence.
Please let us know via phone or email if you require any adjustments to ensure your full participation in the recruitment process or if you need the ad or any attachments in an accessible format (e.g large print) due to any viewing difficulties or other accessibility requirements.
Applications close 11:59pm on Wednesday, 22 July 2026