Head of Cyber Security Operations

Downer is seeking a highly experienced Head of Cyber Security Operations to lead and manage our cyber security operations across Australia, New Zealand, and international regions. Reporting to the Chief Information Security Officer (CISO), you will be accountable for running, evolving, and modernising cyber security operations across a complex, federated organisation operating in regulated and critical environments. This includes owning the cyber security operations from strategy and design through to build, run, and continuous improvement.

This is a hands‑on leadership role for a senior cyber professional who has built and led large‑scale cyber operations, commanded major incidents, and can operate confidently at executive and levels while remaining grounded in technical and operational reality.

Key Responsibilities

Cyber Security Operations Leadership

• Own and lead the enterprise cyber security operations function.
• Ensure cyber operations are resilient, measurable, and outcome‑driven, aligned to business risk and operational priorities.
• Establish clear performance metrics and service outcomes across internal teams and strategic partners.

Trusted Business Partner

• Act as a trusted business, representing cyber operations in executive forums as required.
• Provide clear, pragmatic advice to senior leaders on cyber risk, operational readiness, and investment trade‑offs.
• Translate cyber threats and incidents into business‑relevant impact, options, and decisions.

Operational Strategy, Design & Build

• Lead the design and evolution of the cyber security operations including tooling strategy, service design, and vendor architecture.
• Drive security capability uplift aligned to the Information Security Manual (ISM) and ISO‑based management systems.
• Balance strategic uplift with operational stability in a live, high‑pressure environment.

Incident & Crisis Leadership

• Serve as the operational incident commander for significant cyber events.
• Lead cross‑functional response efforts spanning technology, legal, risk, communications, and business leadership.
• Ensure lessons learned are embedded into controls, architecture, and operating practices.

Vendor & Ecosystem Orchestration

• Orchestrate a multi‑vendor cyber ecosystem (SOC, MDR, tooling providers, forensics, IR partners).
• Hold partners accountable for outcomes, performance, and continuous improvement.
• Drive value, resilience, and risk reduction across outsourced and hybrid service models.

Leadership & Capability Development

• Build, lead, and mentor senior cyber leaders and practitioners.
• Foster a strong culture of accountability, learning, and operational excellence.
• Develop succession capability and reduce key‑person dependency.

What You Will Bring

Experience & Leadership

• Extensive experience leading enterprise‑scale cyber security operations in complex, regulated environments.
• Proven track record operating at Head of / Director or equivalent.
• Demonstrated ability to lead through high‑impact incidents and sustained operational pressure.

Strategy & Delivery

• Experience defining cyber strategy and turning it into operational reality, designing, building, and running capability.
• Strong understanding of the ISM, ISO/IEC 27001, SOCI, and risk‑based security operating models.
• Ability to balance security outcomes with commercial, operational, and delivery constraints.

Cross‑Functional & Domain Depth

• Experience working across technology, risk, legal, privacy, operations, and executive leadership.
• Deep understanding of how cyber security enables and protects complex business domains.
• Comfortable operating in federated environments with multiple stakeholders and priorities.

Technical & Professional Credibility

• Strong grounding across security operations, incident response, threat detection, and security engineering.
• Relevant tertiary qualification; industry certifications (e.g. CISSP, CISM) advantageous but not mandatory.
• Recognised for judgement, calm leadership, and decision‑making under pressure.

Benefits Of Working with Downer 

• Work with an ASX listed company, working with market leaders.
• Grow your career with us, we are passionate about giving our people opportunities to grow through personal and professional development and continuous learning:
  • Professional development programs
    • Access to professional memberships and industry networks
• Be part of a team that cares, we foster a work environment built on support that is flexible around our employee’s wellbeing needs:
  • Flexible work arrangements
    • Parental leave
    • Employee Assistance Program
    • Programs promoting diversity and inclusion
• A range of Corporate Benefits, including: 
  • Discounted services (car hires, hotels, insurance, retail stores, gyms)

Why Downer?

You want your work to matter and so do we.  With over 26,000 people across Australia, New Zealand and the Pacific, our team is made up of individuals with unique perspectives, backgrounds, and ideas.

We know that diversity makes us stronger and we actively celebrate it through our commitment to inclusion and belonging.

We’re committed to building a team that reflects the diverse communities we serve and we welcome people of all ages, genders, sexual orientations, cultures, abilities, and lived experiences. We especially encourage applications from those whose voices have traditionally been underrepresented in our industry, including women, Aboriginal and Torres Strait Islander Peoples, Māori and Pasifika Peoples, veterans, people with disability, and neurodivergent individuals.  Even if your experience doesn’t align perfectly with this role, we’d still like to hear from you. If it feels like the right fit, apply - potential counts, and so do you.

As a WORK180 Endorsed Employer, we support flexibility that works for your life, inclusive leadership that values your voice, and equitable access to opportunity so you can do your best work and bring your whole self to it.