First listed on: 10 March 2023
EL 1 - AD Cyber Incident Response Coordination

$108,195 - $122,044 (plus Super and BDCP)
Harman - ACT

The Role
Within Defence Security Operations Centre (DSOC), the EL1 Cyber Incident Response and Coordination (CIRC) is responsible for leading a team of cyber security professionals in the assessment and remediation of cyber/ICT security incidents across Defence, requiring an in-depth knowledge of contemporary incident response frameworks, methodologies, and understanding of relevant Australian laws and regulations relevant to cyber security and incident response.
The EL1 CIRC will:

  • Be accountable to the Assistant Director Digital Forensics and Incident Response for the timely and accurate assessment of reported security incidents.
  • Require an in-depth knowledge of relevant cyber security frameworks and standards and the application of these in support of incident response.
  • Undertake complex problem solving and coordination activities, and perform detailed, time sensitive work in support of operational and strategic outcomes for Defence.
  • Be responsible for building team capability through coaching, feedback and mentoring activities to build resiliency and technical competency across a multi-disciplinary team.
  • Exercise associated people and financial responsibilities to achieve work unit outcomes.

The additional payment is a Building Defence Capability Payment (BDCP) which enables Defence to provide a premium, in addition to the rate of salary otherwise payable under the Enterprise Agreement (EA) to some or all of the jobs within a critical occupation(s) or discipline within a workplace. Applicants engaged into a BDCP position must consider the following. BDCPs provide remuneration in addition to the Defence Enterprise Agreement (EA). This arrangement is subject to meeting eligibility criteria and is subject to annual review. Should your performance fall beyond requirements or the eligibility criteria not be met, your eligibility for the BDCP may be reviewed and ceased. It may also be ceased should you change positions or the requirement for the BDCP is no longer necessary, as determined by Defence. Should the BDCP be ceased you will be advised and your BDCP additional payment will cease.

About our Team
The Defence Security Operations Centre (DSOC) is the strategic centre for Defensive Cyber Operations within Defence. DSOC provides mission and customer focussed services across the Defence enterprise and through a range of Security Operations functions including Incident Response and Digital Forensics, in-order-to defend Defence ICT systems and understand the risk to Defence information and systems. DSOC staff have access to contemporary tools, training, and support to enable them to achieve high quality, responsive, and dynamic outcomes for Defence and its customers. 

DSOC is a dynamic, collaborative, and agile team, providing ample opportunity for members to grow professionally whilst also and contributing to this key strategic capability. DSOC consists of a diverse workforce of complimentary skillsets and is inclusive of APS, ADF, and contractors. DSOC routinely engages with a wide range of stakeholders across the Department, Whole-of-Government, and Defence Industry, exploring new opportunities for continuous improvement and collaboration.

Our Ideal Candidate
Our ideal candidate will be:

  • A proven leader who possesses strong communication, interpersonal, and collaboration skills to work effectively with internal and external stakeholders, in-order-to understand and contextualise the threat to Defence, and support decision making.
  • A pragmatic self-starter with a proven ability to manage competing priorities to a high standard of accuracy within allocated timeframes.
  • Possess well-developed organisational skills, an understanding of data management best practice, and comprehensive analytical skills are highly valued.
  • Experience in stakeholder engagement, confident and persuasive communicator with the ability to explain complex concepts and risk in plain language.
  • Dynamic, able to switch priorities whilst maintaining focus of overarching strategic goals.
  • Demonstrated experience in managing multi-disciplinary teams and leading reform initiatives.
  • Demonstrated experience leading incident response, cyber security operations teams and capabilities, or leading in similar high tempo operational roles.

Application Closing Date: Wednesday 22 March, 2023

For further information please review the job information pack, reference CIOG/01827/23 on


Recent Jobs