Cyber & Resilience Senior Specialist (Technical)

About Us

At G’day Group, Australia’s largest regional hospitality provider, our Support Office team is at the heart of innovation, powering the success of over 300 unique locations across Australia. From technology and finance to marketing and operations, our diverse roles offer opportunities to shape the future of travel with creativity, strategic thinking, and a collaborative spirit.

We provide a dynamic environment where professionals in our Support Office team can thrive with the flexibility to balance work and life, while contributing to a company that prioritizes growth, employee wellbeing, and excellence.

If you're a forward-thinking professional eager to make a real impact, G’day Group is the place to elevate your career.

The Role

As the Cyber & Resilience Senior Specialist (Technical) you will be responsible for leading and managing the technical aspects of the organization's cyber security program. You will oversee the implementation and maintenance of security measures to protect the organization's information systems, networks, and data. You will work closely with various departments to ensure the security of the organization's digital assets and compliance with relevant regulations and standards.

This role will require you to:

• Cyber Security Operation Services Managed: Oversee the day-to-day operations of the Security Operations Centre (SOC), including Threat Intelligence and Monitoring, detection, and response to security incidents.
• Compliance & Risk Management (NIST 2.0): Map organisational security controls to the NIST Cybersecurity Framework 2.0 functions: Govern, Identify, Protect, Detect, Respond, and Recover.
• AI Security: To support the secure implementation of AI technologies across our organisation. Develop and enforce AI security policies aligned with our goals and regulatory requirements. Establish a governance framework for AI systems, including roles, responsibilities, and accountability. Collaborate with legal and compliance teams to ensure adherence to frameworks like NIST AI RMF and ISO/IEC 42001.
• Security Architecture & Engineering: Design and implement secure architectures for cloud and hybrid environments. Integrate Microsoft security tools with broader SIEM/SOAR ecosystems. Provide technical leadership in deploying Zero Trust models using Microsoft technologies.
• Advanced Threat Protection & Response: Configure, manage, and optimize Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps. Lead threat hunting and incident response using Microsoft Sentinel. Manage Microsoft Purview for data loss prevention. Develop and fine-tune analytics rules, workbooks, and playbooks in Sentinel for automated detection and response.
• Vulnerability Management: Oversee the identification and remediation of vulnerabilities in systems and applications. Ensure timely application of critical patches and updates to prevent exploitation. Conduct risk assessments and vulnerability assessments to identify and mitigate potential security threats. Develop and implement risk mitigation strategies and action plans.
• Reporting and Dashboard Management: Develop and maintain comprehensive cyber security reports to communicate the organisation's security posture to stakeholders. Ensure the dashboard includes key metrics such as incident response times, vulnerability management status, and compliance levels.
• Vendor Management: Evaluate and manage relationships with external security vendors and service providers. Ensure that third-party security solutions meet the organization's security requirements.

Your Experience

You will have tertiary qualifications in computer science, Information Technology or a related field, plus professional qualifications such as CISSP and/or CISM are highly desirable. You will have experience within a similar managerial role within a highly commercial environment. You will have strong knowledge of security frameworks and standards, such is ISO2700I, NIST and the Australian Privacy Act, combined with experience in security technologies, including firewalls, intrusion detection/prevention systems, SIEM and endpoint protection.

You will possess a high level of energy, self-motivation, autonomy, initiative, flexibility and attention to detail to be successful in meeting the business demands at G'day Group. You will have excellent analytical skills, and a problem-solving mindset combined with being highly organised with the ability to assess the urgency of work allocated to you by various stakeholders.

Benefits

-            Health and Wellbeing – Flexible and hybrid working arrangements / Employee Assistance Program / Discounted private health cover / BeWell Training Program / Weekly yoga and walking group / Free annual flu vaccinations

-            Leave Policies – Parental leave / Volunteer leave / Study leave 

-            Professional Development – Leadership programs / Support of external training courses / Reimbursement of professional memberships

-            Employee Savings – Discounted accommodation and experience rates / Salary packaging / Discovery partner discounts/ Free G’day Rewards membership / Loyalty recognition benefits

Discovery is a dynamic company with an energetic ‘market disrupter’ reputation. If you are passionate, adventurous, and ready to hit the ground running, we want to hear from you.

Discover more to life - APPLY NOW!

Our ESG statement

The G’day Group acknowledges the increasing global expectation to demonstrate our approach to Environmental, Social and Governance (ESG) risk factors and sustainability in our daily operations and ongoing decision making. Our five-year ESG strategy is evolving to ensure we are committed to growing with care through supporting our people, giving back to the communities we operate in, and protecting our environment.

Conditions of Employment

Prior to an offer of employment being made, candidates must provide authority for a Federal Police Clearance to disclose any criminal offences or charges. Drivers Licence essential.