We are seeking a highly experienced and visionary leader to guide the strategy, operations, and future evolution of our Security Operations Centre.
This senior leadership role will oversee a hybrid global operating model that combines in-house teams from Australia and the Philippines. The Head of SOC will ensure these teams operate as one, with aligned processes, clear accountabilities, and seamless service delivery.
The successful candidate will be a strategic and innovative leader, capable of shaping the SOC to meet the needs of a rapidly evolving threat landscape, whilst ensuring alignment with business objectives and risk priorities. They will bring a forward-looking mindset, balancing operational excellence with long-term transformation, and will drive efficiency, scalability, and resilience within budgetary and regulatory frameworks.
Beyond operational oversight, you will be a people-first leader - dedicated to attracting, developing, and retaining high-performing teams. You will foster a culture of collaboration, professional growth, and continuous improvement - positioning the SOC as both a trusted advisor to stakeholders and a centre of excellence for talent development.
Responsibilities
Strategic Leadership
- Define and execute the SOC vision, strategy, and roadmap, ensuring alignment with business objectives, enterprise risk appetite, and regulatory obligations.
- Drive SOC maturity uplift using recognised frameworks such as MITRE SOC-CMM, CMMI, and NIST CSF.
- Act as a trusted advisor to executive leadership, the Board, regulators, and clients, providing clear and actionable insights into global threat posture, cyber risk, and SOC performance.
- Champion innovation and growth, ensuring the SOC remains agile and future-ready in the face of evolving threats and market demands.
- Build and lead a high-performing, globally distributed SOC workforce, fostering a culture of empowerment, collaboration, and continuous improvement.
- Lead talent strategies that support professional development, succession planning, and retention of top talent.
- Act as a senior escalation point during major incidents and crises, providing executive level communication and decision-making support.
Operations Management
- Lead a ‘follow-the-sun’ operating model, ensuring seamless global coverage and effective integration of offshore 24/7 Tier 1 services.
- Provide executive-level oversight of SOC operations, balancing offshore and in-house teams to deliver consistent, high-quality service.
- Oversee service delivery obligations, ensuring contractual SLAs, KPIs, and OLAs are consistently met or exceeded.
- Ensure major incidents are managed effectively, with robust escalation processes, clear executive-level communication, and timely decision-making.
- Establish strong integration between SOC operations and business-critical functions such as Incident Response, Crisis Management, Legal, and Communications.
- Foster collaboration between SOC, Threat Intelligence, Red Team, and Vulnerability Management functions to enhance organisational resilience.
- Deliver regular SOC performance reporting to executives and stakeholders, providing actionable insights, dashboards, and recommendations.
Technical & Operational Oversight
- Lead and guide global monitoring, detection, and response capabilities, ensuring effective use of industry-leading tools and platforms, including:
- SIEM (Splunk, QRadar, Elastic, Sentinel, Chronicle).
- EDR/XDR (CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black).
- NDR/IDS/IPS (Corelight, Darktrace, Suricata, Snort).
- SOAR platforms (Cortex XSOAR, Splunk Phantom, Shuffle) for orchestration and automation.
- Oversee offshore Tier 1 triage activities, ensuring enrichment, automation, and escalation accuracy.
- Champion adoption of the MITRE ATT&CK framework, mapping detection coverage, driving adversary emulation, and aligning to global best practices.
- Support and collaborate with DFIR teams, ensuring forensic artefacts are preserved and investigations are legally defensible.
- Ensure robust cloud-native monitoring and detection across AWS, Azure, and GCP environments.
- Lead advanced proactive threat hunting and purple-team exercises globally.
Governance, Risk & Compliance
- Ensure SOC operations comply with international regulatory and compliance requirements (e.g. ISO 27001, NIST, SOC 2, PCI DSS, GDPR, SOCI Act).
- Oversee and ensure the continual improvement of SOC governance, policies, frameworks, and playbooks.
- Partner with enterprise risk and compliance teams to align SOC outcomes with organisational objectives and audit readiness.
- Provide transparency and assurance to executive committees, clients, and regulators through structured reporting and oversight.
Innovation & Future State
- Work with infotrust product management team to refine and continually evolve the SOC environment roadmap, incorporating:
- Chair the SOC Customer Advisory Board, ensuring that the advisory board remains active, provides strategic value and benefits both clients and infotrust.
- Anticipate and respond to emerging risks, technological trends, and regulatory changes, ensuring the SOC remains adaptive, scalable, and resilient.
- Provide guidance to the SOC engineers to deliver next-generation detection and response technologies that strengthen resilience and future readiness.
- Champion automation-first operations, reducing manual workloads, duplication, and alert fatigue while driving efficiency.
- Deliver client-facing SOC insights and reporting that demonstrate measurable value, maturity uplift, and continuous improvement.
Measurements of success
- SOC staff retention
- Customer retention
- Cost optimization
Key Competencies & Experience:
Extensive Cybersecurity Leadership
- 15+ years of experience in cybersecurity, including 10+ years leading SOC operations and a minimum of 5 years at the helm of global or multi-regional SOC organisations. Adept at building and scaling SOC capabilities aligned with enterprise risk and business objectives.
Global Operations & Vendor Governance
- Demonstrated leadership managing global 24/7 SOC functions and third-party MSSP relationships.
- Deep experience in structuring strategic vendor partnerships, negotiating performance-based SLAs, and overseeing long-term vendor governance frameworks to drive efficiency and accountability.
SOC Engineering Strategy & Technical Oversight
- Strategic oversight of SOC engineering programs, including advanced detection engineering (KQL, SPL, Sigma, YARA), threat enrichment pipelines, and scalable automation playbooks.
- Proven ability to translate threat models into measurable detection capabilities and proactive defense strategies.
Cyber Threat Intelligence & Incident Response Leadership
- Deep integration of cyber threat intelligence, adversary emulation, and DFIR methodologies into operational frameworks.
- Expertise in leveraging intelligence to proactively shape detection strategies, anticipate emerging threats, and accelerate incident response maturity.
Cybersecurity Program Development in Complex Environments
- Demonstrated track record of designing and executing enterprise-wide cybersecurity programs in highly regulated, globally distributed organisations.
- Experienced in aligning technical delivery with enterprise risk frameworks and compliance mandates.
Strategic Stakeholder Engagement
- Trusted advisor to C-level executives and board stakeholders.
- Skilled in communicating cyber risk in business terms and driving alignment between cybersecurity initiatives and strategic business outcomes.
Business & Operational Performance Leadership
- Proven ability to deliver against financial targets, resource utilisation goals, and operational KPIs.
- Experience optimising SOC delivery models to improve coverage, reduce cost, and enhance service quality.
Technology & Security Architecture Fluency
- Broad expertise across core security technologies including firewalls, IDS/IPS, SIEM, EDR/XDR, cloud security, and encryption.
- Strong understanding of security architecture across on-prem, hybrid, and cloud environments.
- Proven forward-looking understanding and adoption of technology changes including impacts of AI, automation, and changing threat landscape.
Regulatory Compliance & Risk Management
- Extensive knowledge of global compliance frameworks and regulatory obligations (e.g., ISO 27001, NIST CSF, GDPR, SOCI, SOC 2, PCI-DSS).
- Experienced in aligning SOC operations with internal audit, GRC, and external regulatory requirements.
Enterprise Risk, Resilience & Vulnerability Management
- Strong understanding of enterprise risk assessment methodologies, vulnerability lifecycle management, and disaster recovery strategies.
- Proven success in embedding resilience thinking into SOC strategy and operations.
Large-Scale Team Leadership & Workforce Strategy
- Effective leadership of large, geographically distributed teams (40+ FTEs), with a focus on talent development, succession planning, and workforce capability building.
Skills:
Technical Knowledge:
- 10+ years within information security, including analyst or engineering roles.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, and various types of security controls.
- Knowledge of various operating systems including Windows, Linux, and Mac.
- Working knowledge of network and endpoint security, countermeasures, sensors and products.
- Working knowledge of security event log analysis and incident handling.
- Working knowledge in SIEM queries and integrations.
- Working knowledge and experience with ITSM tools.
- Enterprise system administration experience is advantageous.
Leadership & Business Acumen
- Demonstrated ability to build and scale distributed teams across regions and time zones.
- Strong stakeholder engagement skills; ability to translate technical issues into business risk language for executives and clients.
- Budget ownership experience, with proven ability to optimise global SOC operational spend.
- Strong client-facing skills, with ability to represent SOC services to external stakeholders.
- Proficient incident and risk manager.
- Good analytical, problem-solving, and interpersonal skills.
- Ability to articulate ideas to both technical and non-technical audiences.
Certifications (Highly Regarded)
- Leadership & Governance: CISSP, CISM, CISA.
- Operational Expertise: GIAC GCIA, GCIH, GCFA, GNFA, GDAT.
- Cloud Security: AWS Security Specialty, Microsoft AZ-500, GCP Security Engineer.
- Detection & Threat Modelling: MITRE ATT&CK Defender (MAD) or equivalent.
Personal Attributes:
- Calm Under Pressure. Maintains focus and leads decisively during high-impact incidents and crises.
- Effective Prioritisation. Balances tactical response with long-term strategic goals in a dynamic 24/7 environment.
- Stakeholder Management. Builds trust and alignment with executive and cross-functional stakeholders.
- Clear Communication. Translates technical risk into business language for senior leadership and partners.
- Strong People Leadership. Inspires and develops high-performing, globally distributed SOC teams.
- Collaborative Influencer. Works across functions to drive unified cybersecurity outcomes.
- Pragmatic Problem Solver. Delivers innovative, risk-based solutions to complex challenges.
- Client-Focused Mindset. Understands stakeholder needs and builds long-term partnerships through service excellence.
How to Apply
Please send resumes to: pauline.tabirara@infotrust.com.au