Cyber Security Operations Lead

4 days ago


Melbourne, Australia | Eightcap Pty Ltd | Full time

Eightcap is a dynamic online trading provider focused on delivering great trading tools and pro trading insight to enable smarter trading. With a commitment to excellence and a passion for delivering trading technology direct to clients and via our network of strategic partners, we are looking for an experienced Integration Engineer to join our team to deliver growth across global markets.

The company is headquartered in Melbourne, Australia, and has offices in the UK, Cyprus, Bulgaria, Guatemala, the Philippines, and the Bahamas.

**Responsibilities**

Security Operations Leadership
- Own and continuously improve Eightcap’s SIEM coverage, detection use cases, and log quality across core platforms.
- Act as the technical lead on incidents, overseeing containment, investigation, and resolution activities.
- Establish playbooks and workflows for common alert types and high-priority attack patterns.
- Provide training, guidance, and hands-on mentorship to junior Security Operations staff.
- Manage the relationship with Eightcap’s Managed SOC provider, ensuring efficient escalation processes and clear accountability for 24/7 monitoring coverage.
- Work with the CISO to prioritise security operations tasks against business risk and available resources.

Incident Detection and Response
- Coordinate and triage alerts generated by the SIEM or escalated by Eightcap’s managed SOC provider.
- Lead investigations into unauthorised access, data exfiltration, or policy violations.
- Forensically analyse audit logs and system-level telemetry.
- Document clear findings, timelines, and recommendations as part of post-incident reviews.

Platform Security Uplift
- Drive improvements in security visibility (event collection, monitoring, and alert coverage) across high-value systems.
- Identify configuration gaps or blind spots that hinder detection and work with system owners to address them.
- Ensure visibility over critical security events, including authentication, privileged activity, file sharing, and data access.

Team Capability Uplift
- Establish metrics and reporting for alert volume, mean time to detect/respond, and incident types.
- Manage and refine integrations with the SIEM platform and associated tooling.
- Build lightweight automation (where appropriate) to accelerate repetitive investigation or triage tasks.
- Maintain strong internal documentation and ensure knowledge transfer to junior staff.

Culture & Teamwork
- Approach security work with initiative, adaptability, and a shared sense of ownership for Eightcap’s broader objectives.
- Be comfortable stepping outside your immediate remit where appropriate to support the delivery of key security outcomes.
- Engage constructively with technical and non-technical teams, focusing on practical, embedded contributions that move the organisation forward.
- Contribute to a culture of clarity, accountability, and steady execution.

**About You**
- Tertiary qualifications in cyber security, information technology, or a related discipline. (desired)
- Hands-on experience with Microsoft Sentinel, Defender for Endpoint, and the broader Microsoft security stack.
- Strong capability in triaging, investigating, and responding to security incidents across diverse systems and cloud environments (AWS/Azure/GCP).
- Demonstrated hands-on expertise with SIEM platforms and endpoint detection and response (EDR) tooling.
- Ability to define and continuously improve alerting rules, detection logic, and escalation workflows.
- Strong grasp of modern attack techniques, TTPs (e.g. MITRE ATT&CK), and threat actor behaviours.
- Strong grasp of security fundamentals such as authentication, encryption, access control, and logging across modern enterprise environments.
- Experience collaborating with cross-functional stakeholders, including IT, engineering, and compliance, in high-pressure environments.
- Clear, concise communication skills, both written and verbal, including incident reporting and stakeholder updates.
- Experience working in high-velocity or regulated environments, including fintech, trading platforms, or financial services. (desired)
- Familiarity with Microsoft Sentinel, CrowdStrike, AWS GuardDuty, Security Hub, and other modern security tooling. (desired)
- Scripting or automation experience (e.g. Python, PowerShell) to reduce repetitive workload and improve SOC efficiency. (desired)
- Relevant certifications such as GCIA, GCIH, GCED, or equivalent. (desired)

**Why Eightcap?**
- Ongoing investment in your career development
- Wellness and lifestyle perks like monthly corporate massages
- Parental leave
- Staff referral bonus program
- Employee-purchased leave
- Perkbox reward and recognition
- Study assistance
- Annual flu vaccinations
- Complimentary fruit and snacks
- Multicultural environment
- A dynamic and collaborative team culture
- Great CBD location with easy access to public transport
- Regular social activities

Are you interested in this opportunity but don’t meet ev

