Posted 10 June, 2026

Team Lead - Global Threat Operations

Sydney NSW, Australia Full Time
Reference: 487_675567_3147

LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services.

As the Cyber Security Operations Team Lead, you will provide leadership and technical expertise to a team of cyber threat analysts and engineers. You will act as a critical point of contact for managing and responding to security events, ensuring compliance with service level agreements (SLAs), and continuously improving security processes. Your leadership will be instrumental in achieving customer satisfaction and the overall success of our managed services. In addition to mentoring and leading your team, you will play a key role in developing new service offerings and integrating new technologies into our services portfolio.

Key Responsibilities

  • Team Leadership: Lead and mentor a team of cyber threat analysts and engineers, providing guidance and technical expertise to ensure efficient threat detection and response.
  • Thought Leadership: Act as both a team and thought leader to junior threat team members within the region and interact with peer leads and management across regions.
  • Security Event Analysis: Utilize strong operating system, TCP/IP networking, and application skills to analyze and understand detected threats.
  • Incident Response: Analyze and respond to security events from various sources, including firewalls, EDR, IDS, IPS, SIEM (QRadar, Splunk, ArcSight, LogRhythm), Web Application Firewall (WAF), and other security data sources, within documented SLAs.
  • Proactive Protection: Tune security devices for proactive blocking and detection based on customer business requirements.
  • Configuration and Management: Configure, manage, and upgrade protection policies for Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM) platforms, and Endpoint Detection & Response platforms.
  • Process Improvement: Create, enhance, and document processes for the management and monitoring of security solutions.
  • Customer Engagement: Demonstrate leadership in all aspects of customer service, responding to customer needs and inquiries in a polite, positive, and professional manner.
  • Mentorship: Act as a mentor and escalation point for analysts and engineers within GTO, developing training plans to elevate their performance.
  • Project Leadership: Lead projects to develop new service offerings and integrate new technology into our services portfolio.
  • Collaboration: Collaborate with internal engineering teams to facilitate the implementation of new features and functions.
  • Data Analysis: Collect and report on data trending across multiple products and customers, providing input and guidance on new product development.
  • Security Awareness: Understand the broader security and threat landscape, concerns, and motivations.
  • Process Improvement: Collaborate with management on process enhancement, documentation, and definition for threat analysis and classification.
  • Culture of Growth: Foster a culture of growth and development within the teams, actively recognizing and rewarding team members for exceptional contributions.
  • Shift Flexibility: Be available to provide oversight or work any shift within your direct reports' 24/7/365 operations, including nights, weekends, and holidays.

Why it Matters:

Joining our team means becoming a vital part of a market-leading force dedicated to safeguarding critical assets, solving complex security challenges, and delivering innovative services that meet the security needs of our global customer base.

Why You Will Love It:

Exceptional Team: Lead a highly skilled team and collaborate with experienced leaders in cybersecurity who share your passion for delivering market-leading Managed Security Services.

Global Exposure: Gain insight into various aspects of the Managed Security Services business, with your leadership and actions directly impacting the security of organizations worldwide.

Ownership and Impact: Assume responsibility for defining and executing processes that consistently deliver outstanding results.

Skills & Knowledge Requirements:

The ideal candidate should have skills and knowledge in some of the following areas:

  • Project and Queue Management
  • SOC Operations/Management
  • Endpoint Detection & Response
  • Security Information and Event Management (SIEM)
  • Unix/Linux and Windows system administration
  • Information security best practices and network security architecture
  • Signature-based security products
  • Current exploit and remediation techniques
  • TCP/IP networking
  • Vulnerability Scanning technologies
  • Log collection and analysis tools
  • Threat Intelligence
  • Incident Response/Forensics
  • English: Demonstrated Fluency

Desired Experience:

  • 7 or more years of information security or networking experience.
  • Previous operational experience as an analyst, engineer, or team lead.
  • Excellent customer service skills.
  • Strong analytical thinking and problem-solving skills.
  • Strong oral and written communication skills.
  • Self-managed and team-oriented, with the ability to coach and teach.
  • Responsive, collaborative, and highly motivated.
  • Leadership and management experience.

Preferred:

  • Bachelor's/Master's Degree in Information Technology or a similar area of study.
  • At least 7 years of experience in Information Security or Networking.
  • Certification in a security-related industry, vendor, or professional certification.

Education:

  • A high school diploma or equivalent is required; a college or university degree is a plus.

This role is open to candidates legally authorized to work in Australia. At LevelBlue, including teams that previously operated as Trustwave, we support flexible work and bring people together in person for key moments based on role, team, and business needs.

LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law.

To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue’s policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.
