Information Security/Cybersecurity Operations Manager

Bring your authentic and passionate self to this exceptional role #careerswithimpact  

Are you an experienced Information Security/Cybersecurity Operations leader who's ready to make a difference? Information Security at HESTA is more than a technical challenge—it's a commitment to trust, integrity, and member protection. You'll be joining a high performing and collaborative team, all working together to deliver real-world impact through cybersecurity operations solutions.

Reporting to the General Manager – Information Security, you'll be responsible for shaping and executing HESTA's security operations strategy in a complex, fast-moving environment. You'll own HESTA's Security Incident Response capability and oversee the technologies and partners that underpin our threat detection and response—ensuring HESTA remains resilient in the face of evolving cyber threats.

What You'll Do

• Leading the Information Security Operations function responsible for Cyber Defense, Incident Response, Threat Intelligence and Digital Forensics.
• Managing a diverse, high performing team across key cyber operations disciplines, ensuring collaboration and capability uplift.
• Develop, implement and oversee the information security/cybersecurity operations strategy, continuous improvement of core security technologies (e.g. SIEM, MDR, EDR) aligning to the external threat landscape and evolving business priorities.
• Oversee HESTA's Security Incident Response capability, ensuring effective triage and resolution of security events.
• Driving proactive detection and response aligned to threat intelligence and evolving risks.
• Managing Managed Security Service Providers (MSSPs) and third-party partners to deliver strong, measurable security outcomes.

What You'll Bring

• Expensive experience managing cybersecurity operations/incident response functions/teams—preferably within financial services or superannuation.
• A people-first mindset, with demonstrated experience in building and mentoring high-performing teams.
• Deep knowledge of current and emerging threat landscape/intelligence, TTPs, security frameworks and regulatory requirements.
• Experience with Security Incident and Event Management (SIEM) systems (SumoLogic or Splunk), EDR/MDR and forensic tools.
• Strong understanding of cloud platforms and securing IaaS, PaaS, and SaaS environments.
• Experience managing outsourced providers and technology partnerships.
• Tertiary qualifications in IT, Cybersecurity or related discipline.
• Industry certifications such as CISSP, AWS/Azure Security, or equivalent highly regarded.

Benefits that matter and make a difference for our employees  

• Leave for those moments that matter, an additional 6 days of leave at the end of year, up to 6 days paid volunteer leave, gender neutral paid parental leave of 20 weeks, Gender Affirmation leave, reproductive health and wellbeing leave, Cultural and Ceremonial leave. Access your LSL after 3 years, take AL at half pay, and purchase up to 2 weeks additional leave (just to name a few).  
• Your professional development matters, up to $5k per year professional development and up to 8 days professional development leave, HESTA scholarships and free access to a range of premium learning tools.  
• Your health and wellbeing matters, free annual flu shots and skin checks, incredible social events throughout the year and a comprehensive employee assistance program available 24/7.  
• Your financial wellbeing matters, up to 15% super, financial planning support, end of year payment for all Enterprise Agreement-covered employees, incentivised Employee Referral Program and novated lease options.  
   

We celebrate, value and include people of all backgrounds, genders, identities, cultures and abilities. We welcome and support applications from First Nations people, physically, neuro or culturally diverse, LGBTQI+, and people of any age. We are proud to be WGEA accredited as an Employer of Choice for Gender Equity.   
 

We want all candidates to feel safe, included and provided with the best opportunity to thrive, if you require reasonable adjustments during your application or throughout the recruitment process, please reach out to a member of the Talent team and we'll call you to discuss.   

Ready to lead security with impact? Apply Now

Please note: Applications via recruitment agencies will not be accepted for this position.