Security Operations

Overview

Join to apply for the Security Operations (SecOps) Lead role at Wesfarmers Health.

What began in 1910 as a small co-operative of three pharmacies has grown into Wesfarmers Health—a leading Australian organisation in health, beauty, and wellness. Wesfarmers Health proudly employs over 3,600 team members, delivering accessible, innovative, and trusted health and beauty services across retail, medi-aesthetics, digital health, and wholesale and supply chain operations.

What you'll do

As our Security Operations (SecOps) Lead, you'll take a hands-on, frontline role in safeguarding critical systems, networks, and data from cyber threats. You'll serve as the key escalation point for our Security Operations Centre, triaging, assessing, and responding to security alerts and incidents — from straightforward issues to complex threats. You'll drive root-cause analysis, lead containment and recovery efforts, and strengthen overall resilience. You'll also proactively hunt for threats, refine detection rules, and support automation to uplift SOC effectiveness, ensuring operations stay aligned with security standards and compliance obligations.

As a key member of our Security Operations team, your key responsibilities will be:

Threat Monitoring and Detection

• Continuously monitor security tools (SIEM, IDS/IPS, EDR, etc.) for suspicious activities or alerts.
• Perform in-depth analysis of anomalies and potential threats using log data, endpoint telemetry, and network traffic.
• Correlate events from multiple data sources to identify patterns of malicious behaviour.

Incident Response and Management

• Triage, investigate, and respond to security incidents following defined playbooks and escalation procedures.
• Act as the escalation point for complex or high-impact incidents detected by Tier 1 analysts (SOC).
• Conduct root cause analysis and ensure effective containment, eradication, and recovery.
• Document incident reports and lessons learned for post-incident reviews.
• On-call responsibilities to respond to security alerts and incidents, including outside regular working hours in accordance with the security escalation matrix.

Security Tooling and Engineering Support

• Fine-tune detection rules and use cases in SIEM and EDR platforms to reduce false positives and increase detection fidelity.
• Collaborate with infrastructure or security engineering teams to implement improvements in security tools, logging, and visibility.
• Contribute to or lead efforts to automate repetitive tasks using SOAR or scripting (Python, PowerShell, etc.).
• Collaborate with internal and external stakeholders as required.

Threat Hunting and Intelligence Integration

• Proactively hunt for threats in the environment using hypotheses based on threat intelligence and past incidents.
• Integrate external and internal threat intelligence into detection and response workflows.
• Create threat detection rules based on threat intelligence, DFIR reports and known malicious IOAs.

Analytics & Reporting

• Produce and present detailed technical reports, as well as summaries for non-technical stakeholders.
• Track KPIs and metrics such as mean time to detect (MTTD) and mean time to respond (MTTR).
• Support compliance audits or regulatory reporting as needed (e.g., HIPAA, PCI-DSS, ISO 27001).

Documentation and Process Improvement

• Maintain thorough documentation of procedures, playbooks, detection rules, and response steps.
• Recommend and implement improvements to incident handling procedures and SOC workflows.
• Participate in regular red team/blue team exercises and help update response strategies accordingly.

What you'll bring

• Demonstrated years of experience in security threat monitoring, assessment, and investigations in a Security Operations or related service delivery role.
• Bachelor's or Master's degree in IT, Cyber Security, or related field.
• Industry certifications highly regarded (e.g., CISSP, SANS, CISM, CEH).
• Strong analytical and investigative skills.
• Proven experience in threat hunting, incident response, vulnerability assessment.
• Proficient in SIEM/IDS tuning, scripting, and automation.
• Sound understanding of risk and compliance frameworks (ISO27001, NIST, ISO31000).
• Experience with Microsoft security controls and cloud environments (AWS, Azure, GCP).
• Comfortable supporting audit and regulatory compliance initiatives.

Why us?

• Access to employee benefits across Wesfarmers including team member discounts at Bunnings, Kmart, Target, Officeworks, OnePass, Priceline and Clear Skincare Clinics.
• Ongoing professional development and career opportunities across the Wesfarmers Health Division and the broader Wesfarmers Group.
• Novated leasing options
• Access to our Employee Assistance Program (EAP) - available to all team members and their immediate family members, 24/7, 365 days a year
• Beautiful outdoor terrace for work and recreation.
• Food, coffee and health & wellbeing facilities onsite including a landlord operated gym
• Dedicated end of trip facilities (cycle racks, showers, lockers).

Aboriginal and Torres Strait Islander Applicants

Wesfarmers Health aims to become an employer of choice for First Nations Australians, through programs that empower First Nations team members within our stores, distribution centres, clinics and corporate offices. We provide authentic support through a diverse range of initiatives to assist personal and professional advancement.

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Analyst and Information Technology

Industries

• Wellness and Fitness Services
• Retail
• Wholesale

#J-18808-Ljbffr

---