Talenza have been exclusively engaged by a boutique security consultancy on the engagement of a Mid/Senior SOC Analyst.
This role is preferably based in Melbourne but the client may consider superstar candidates who tick all the boxes interstate.
The Cyber Defence Analyst (CDA) is part of their SOC team providing Managed Detection and Response (MDR) and Incident Response (IR) services. The primary responsibility of the Cyber Defence Analyst is to investigate anomalies and manage security events and incidents. This will involve leading incident investigations and performing response actions using automated playbooks. The CDA will work closely with the Threat Detection Analyst in providing customised information to enrich detection rules and provide feedback on false positives. CDAs will assume the lead Incident Handler role for their client subset, following the investigation through to closure. Adherence to service level agreements for detection, response and remediation with our clients is also important.
The CDA is also responsible for fostering technical relationships with our clients to ensure services are delivered to a high quality.
- Respond to alerts and incidents in accordance with client SLAs
- Operate the SOAR platform for case management and response playbooks
- Utilise techniques for investigating host- and network-based intrusions using SOC technologies
- Interpret the information collected by the SOAR and its integrations
- Report false positives and detection rule issues to the Threat Detection Analyst team
- Create and deploy response playbooks to take remediation actions in client environments
- Implement and document Incident Response Plans for each client
- Create Incident Reports for clients
- Be the first point of contact for all clients
- Apply cyber security and privacy principles to organisational requirements
- Professional certifications (desirable but not mandatory), such as CISSP, CISM, ITIL Foundation, and SANS training
- Demonstrable experience in cyber security analysis and incident handling
- Experience with SIEM technologies (Splunk, Elastic, AlienVault, MS Sentinel)
- Experience with SOAR technologies and playbook development
- Experience with EDR technologies (Carbon Black, CrowdStrike, Defender ATP)
- A thorough understanding of the Cyber Kill Chain and the MITRE ATT&CK framework
- A thorough understanding of cyber security alert triage and case management
- Strong organisational, presentation, and customer service skills.
- Minimum 3 years of SOC or related experience
- Great salary and benefits package including generous childcare support options
- Inclusive culture with a gender-balanced team
- Work from home every day except Friday (unless interstate)