Lead Cybersecurity Analyst

Key Role:

The Security Operations Centre (SOC) is seeking a highly skilled Lead Analyst to drive the technical direction of our team, ensuring the implementation of best practices, processes, and technologies to enhance efficiency and effectiveness.

Primary Responsibilities:

• Lead a team of security professionals through coaching and development, providing guidance, mentorship, and support to enhance their technical and analytical skills.
• Analyse security data, including logs, network traffic, and threat intelligence, to identify patterns, trends, and anomalies indicative of potential security incidents or threats.
• Collaborate with the SOC Manager to develop and implement security policies, procedures, and standards, ensuring alignment with the organisation's security strategy and goals.
• Monitor and maintain adherence to service level agreements (SLAs), ensuring the timely and accurate detection, analysis, and response to security incidents and threats.
• Assist in the design, implementation, and fine-tuning of security analytic and correlation rules, alerts, and dashboards in the SIEM and other security tools to enhance the SOC team's visibility and response to emerging threats.
• Collaborate with the SOC team to investigate and respond to security incidents, providing subject matter expert (SME) guidance on the analysis and interpretation of security data.
• Stay up to date on emerging threats, attack vectors, and vulnerabilities, sharing findings with the SOC team and using this information to inform the development of new security analytics techniques and strategies.
• Conduct thorough handovers of security incidents to the Digital Forensics and Incident Response (DFIR) team.
• Assist the DFIR team with monitoring and investigation of security incidents as needed.
• Collate data to write and review customer reports, including post-incident reports, to a high standard.

Requirements:

• Self-motivated individual with a strong sense of ownership and the ability to work independently or collaboratively as needed.
• Demonstrated capacity to multitask and manage competing priorities effectively.
• Excellent communication, presentation, and interpersonal skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences.
• Detail-oriented with a strong commitment to documentation, process improvement, and knowledge sharing.
• Strong problem-solving and decision-making skills, with the ability to work under pressure.
• Ability to learn new technologies and tools quickly.
• Ability to develop and deliver training or speaking material for public and private events.
• Empathetic leader with the ability to work under pressure, prioritise tasks, and manage both your team's and your own time efficiently.
• Ability to communicate security confidently and accurately to experienced security professionals and executives.
• Ability to work as a team with decisions made to support moving toward common goals.
• Flexibility and motivation to work across various types of engagements.

Desirable Experience:

• Minimum of 5 years of experience in cybersecurity, with at least 2 years within a SOC.
• In-depth knowledge and experience with security tools and technologies, such as SOAR, SIEM, and EDR.
• Knowledge and experience in the Microsoft or Google security suites is highly desirable.
• Experience and confidence in managing security incidents from end-to-end.
• Experience and confidence in client-facing roles.
• Strong understanding of security operations, incident response, threat intelligence, and other key functions.
• Professional certifications are an advantage (i.e. CISSP, GREM, GCIH, GSOC, CompTIA CySA+).

What We Offer:

• Opportunities to undertake technical training and secure industry recognised certifications.
• Flexible working arrangements.
• Opportunities to work with some of the best cybersecurity professionals in the region, and to grow and develop your career.
• Joining a team of highly skilled and multi-cultural security professionals.

Additional Information:

This role requires Australian citizenship or residency status due to government regulations regarding foreign influence in defence contracting. Please do not apply if you are not eligible for these requirements.