Cyber Security Threat Defence Manager

At Water Corporation were shifting our focus to the next phase of our strategic plan - building on strong foundations to strengthen capabilities modernise systems and accelerate innovation across the business. This phase is about elevating how we deliver technology services: making them faster more responsive and more closely aligned to the needs of our people our operations and our customers. To support this evolution were recruiting for key roles that will be pivotal in strategically shaping a modern collaborative and customercentric Information & Technology Group. If youre excited about leading innovation finding smarter ways of working and making a meaningful impact now is the perfect time to join us.

About the role:

For aCyber SecurityThreat Defence Manageritsan exciting timeto joinWater Corporation.

Ifyouresomeonewhoslooking for anopportunity toleadand develop a team of cyber security analystsleading the uplift of SIEM threat hunting and detection activities and co-ordinatingincident response all in critical infrastructure read on.

Real benefits that matter

• Real flexibility with options to work from home or negotiate flexible work hours
• An additional 2 well-being days each year
• Access to long service leave pro rata after 3 years of service
• Generous co-contribution superannuation scheme which offers up to 16%. This includes an 12% standard employer contribution plus an additional 2% employer co-contribution that matches your own 2% contribution
• Purchase additional leave of up to 12 weeks or work 4 years at a reduced salary and take the fifth year off as paid leave

Discover more benefits we offer to support the unique and individual ways our employees live.

What the role will involve

As Cyber Security Threat Defence Manager youll lead Water Corporations cyber threat defence capability across both Information Technology (IT) and Operational Technology (OT) environments. Youll be accountable for day-to-day security operations as well as the continuous uplift of our detection response and threat management maturity.

Key responsibilities include:

• Lead and develop a team of cyber security analysts responsible for threat monitoring investigation and response across IT and OT.
• Oversee the operation and performance of the Security Operations Centre (SOC) including service performance escalation pathways and continuous improvement.
• Own and uplift our SIEM and detection engineering capability including use-case development alert tuning analytics rule improvements log source onboarding and detection coverage reporting.
• Lead incident response management including triage coordination stakeholder communications post-incident reviews and driving remediation to closure.
• Establish and run a threat hunting program across IT and OT to identify abnormal or malicious activity and improve detection content.
• Manage vulnerability management in partnership with technology owners including prioritisation exception handling remediation tracking and reporting.
• Provide threat intelligence leadership: ingestion analysis dissemination and translating intel into actionable detections and risk-reducing controls.
• Work closely with OT infrastructure applications and risk stakeholders to align threat defence priorities to operational needs and critical infrastructure obligations.

Key skills and experience

To be successful in this role youll bring strong people leadership plus deep operational cyber security experience in threat defence.

Youll have:

• Demonstrated experience leading a SOC / cyber defence function including incident management and operational uplift.
• Hands-on understanding of SIEM operations and detection engineering (e.g. onboarding data sources building and tuning rules improving signal-to-noise and measuring detection coverage).
• Proven capability in incident response coordination and investigations including stakeholder management and driving remediation outcomes.
• Experience running or contributing to vulnerability management programs (prioritisation remediation tracking risk acceptance reporting).
• Experience with threat hunting techniques and using threat intelligence to inform detections and defensive priorities.
• Strong communication skills with the ability to explain cyber risk and operational impact to technical and non-technical stakeholders.

Highly desirable:

• Exposure to OT/industrial environments (e.g. SCADA/ICS) and an understanding of IT/OT security differences.
• Experience working in a critical infrastructure environment and familiarity with relevant Australian regulatory expectations and frameworks.
• Relevant certifications (e.g. CISSP CISM GIAC/SANS or equivalent).

What the role will offer:

Thisisnta stop-start program of work. Water Corporations cyber strategy is already under way and is delivered through continuous improvementcontinually uplifting the capabilities practices and tools that protect the organisation. That means steady progress clearprioritiesand meaningful outcomes.

Youllhave a strong pipeline of planned improvements to deliver helping evolve and uplift the organisations capability and maturity to deal with potential threats and give you plenty of scope to learn and sharpen your skills.

The work will be varied and challenging asitllsit across 2m customers and 3500 employees with an exposure to a full tech stack.

Youllbe joining a supportive and diverse teamwhollhave your back from day one.

Anditsyour workthatllcontinue to help future generations get access to clean running water every day.

Whatyoullbring to thisrole:

Ideallyyoullhave atertiary qualification or adegreeina technology-related discipline or extensive experience in the IT sector ideally withCISSP/CISM or equivalent qualifications.

Youllhave considerableexperienceleading a team of people to carry outcyber securityanalysis cyberframeworks risk mitigationstrategiesand governance.

On top of thisyoullalso have considerable experience in cyber security audit enterprise risk managementandpenetration testing.

Apply: If you are interested in the above opportunity please submit a covering letter and resume that best demonstrates your ability to meet the requirements of the role.

As part of the recruitment process you may be required to complete pre-employment screening which may include a medical qualification check police clearance and Australian working rights check.

Applications close Friday 22^nd May 2026

Our commitment to a diverse and inclusive workplace

Diversity and inclusion are more than words. They guide us on building a thriving workforce that reflects the diversity of our customers and our community.

We encourage applications from every background including Aboriginal and Torres Strait Islander people people with disability women youth LGBTQIA folks and people from culturally and linguistically diverse backgrounds.

We are committed to ensuring an accessible and inclusive work environment to enable people with disability to participate fully in all aspects of employment.

Applicants with disability who require adjustments during the recruitment process including an alternative format of the application form can contact a Recruitment Officer at or.

To read our diversity and inclusion statement please visit our website