Manager, SOC Onboarding, Cyber Threat Intelligence and Engineering

14 hours ago


Barangaroo NSW, Australia Thales Full time $60,000 - $180,000 per year

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what's possible.

From manufacturing and engineering to cybersecurity and space, we're driving progress in some of the world's most important industries – and working together to build a future we can all trust.

About the Team

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what's possible.

From manufacturing and engineering to cybersecurity and space, we're driving progress in some of the world's most important industries – and working together to build a future we can all trust.

Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty, and organisations to preserve their strategic autonomy. Thales is a global leader in cybersecurity - no.1 in data security - with 6,000+ experts and developers. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as vital sectors such as aerospace, critical infrastructure, defence and space.

About the Role

The SOC Onboarding, CTI & Engineering Manager is responsible for leading and overseeing three core functions of our security operations capability: onboarding of new clients and technologies, cyber threat intelligence (CTI), and overall delivery of managed Endpoint Detection and Response (EDR) services. This role is both strategic and hands-on, involving cross-team collaboration, technical leadership, and strong client engagement.

You will be accountable for:

  • Lead the planning, coordination, and execution of SOC onboarding projects across diverse clients and technologies.
  • Ensure successful ingestion and normalization of log sources from on-prem and cloud platforms (e.g., firewalls, EDRs, AWS, Azure, GCP).
  • Define and enforce standard onboarding playbooks and documentation.
  • Coordinate with SIEM/SOAR engineers, client infrastructure teams, and project managers to ensure timely and effective onboarding
  • Oversee the development and operationalization of threat intelligence capabilities.
  • Integrate CTI into detection engineering, use case development, and incident response workflows.
  • Manage threat feeds, enrichment tools, and TTP mapping using MITRE ATT&CK.
  • Lead the creation of threat briefs, intel summaries, and threat hunting guidance.
  • Lead security and automation engineers to deliver client engagements and improve security platforms and automation.
  • Own the architecture, deployment, and lifecycle management of SOC tools including SIEM, SOAR, EDR/XDR, threat intelligence platforms, and log management solutions.
  • Lead integrations between SOC platforms and other enterprise systems (e.g., ITSM, CMDB, cloud platforms).
  • Ensure tool configurations align with detection, compliance, and operational needs.
  • Build and lead a high-performing team across onboarding, CTI, and delivery functions.
  • Develop career paths, training plans, and performance objectives for team members.
  • Identify areas for process improvement and automation to improve SOC onboarding and threat intelligence maturity.
  • Lead change management efforts related to onboarding frameworks, CTI workflows, and service expansion.

About You

To be successful in this role, you will ideally bring with you:

  • 7+ years of experience in cybersecurity operations, with at least 3 years in a leadership or management role.
  • Hands-on experience with SIEM/SOAR platforms (e.g., Google Chronicle, Splunk, Sentinel).
  • Strong understanding of log management, alert tuning, threat detection, and incident lifecycle.
  • Solid grasp of threat intelligence frameworks, IOCs, TTPs, and intelligence lifecycle.
  • Demonstrated experience delivering managed SOC services and handling enterprise customers.
  • Familiarity with CTI tools (e.g., MISP, Anomali, ThreatConnect, Recorded Future).
  • Project management certification (PMP, Agile, ITIL).
  • Experience working in MSSP environments.
  • Degree qualification in Cybersecurity, Computer Science, or a related field.
  • Certifications: CISSP, GCIA, GCTI, GCIH, or similar.

Our Benefits

  • Flexible working options
  • Paid Parental Leave and Veterans Leave
  • Novated Lease options
  • Family support through our partnership with Parents at Work
  • Ongoing personal and professional development opportunities
  • Sonder – Wellbeing & Support Partner

WE ENCOURAGE YOU TO APPLY

After you have applied, you will receive an email acknowledging your application. We'll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police checks

.

As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance. To learn more about clearances please visit

LI-PG1

It's easy to dismiss the perfect opportunity if you don't see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We're committed to supporting a diverse workplace, and that starts here.

We're proud to be endorsed by WORK180 as an Employer for All Women, but we know there's always more we can do. We'll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.

Read more about our WORK180 endorsement.


  • SOC Onboarding, CTI

    2 days ago


    Barangaroo, New South Wales, Australia Thales Full time $120,000 - $180,000 per year

    At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we...


  • Barangaroo, New South Wales, Australia Thales Full time $120,000 - $180,000 per year

    At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we...

  • Senior SOC Analyst

    6 days ago


    Alexandria NSW, Australia AC3 Full time $140,000 - $155,000 per year

    Work with advanced security tools across cloud, enterprise, and gov environmentsBe part of a team that backs your growth, learning, and shared successTake the next step in your career - no prior leadership experience requiredAbout the company At AC3, our purpose is to make technology real, and as the leaders in secure multi-cloud solutions, we get to do...


  • Barangaroo, New South Wales, Australia Virgin Active Full time $120,000 - $180,000 per year

    Make an impact in this newly created role and shape cyber security across APACDesign, implement, and maintain security tools that keep our people and members safeNurture your own wellness with a free membership for you and a buddyWho are we? There's never been a better time to join Virgin Active We have the best talent, doing the best work of their lives...


  • Barangaroo, New South Wales, Australia Thales Full time $120,000 - $200,000 per year

    At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we...


  • Parramatta NSW, Australia NSW Department of Communities and Justice Full time $149,739 - $173,174 per year

    Department: Information and TechnologyLocation:Parramatta, NSW, AU, 2150Custom Field 4: 78429Manager, Cyber Security Operations and Incident ResponseLocation –Sydney Metropolitan - ParramattaEmployment type – Ongoing, Full TimeGrade – Clerk Grade 11/12Salary - $149,739 pa–$173,174 pa plus employers' contribution to superannuation and annual leave...


  • Barangaroo, Australia Thales Full time

    At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive - and that it’s all driven by human intelligence. Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and...


  • Williamtown NSW, Australia Lockheed Martin Full time $150,000 - $200,000 per year

    NSW, WilliamtownHardware Engineering17718BRAbout us:At Lockheed Martin Australia, we believe that when people are empowered, inspired, and supported, they can achieve extraordinary things. We embrace flexibility, so our people can be their best inside and outside of work. We champion inclusion and continuous learning, ensuring all voices are heard and...


  • Sydney Western Suburbs NSW, Australia NSW Government Full time $129,464 - $142,665 per year

    Do you want your work to make a difference for NSW?Working to protect the state's environment and heritage.Are you passionate about protecting critical systems, data and services? Join our team and play a key role in safeguarding the security and resilience of our organisationTemporary full-time (35 hours per week) opportunity for up to 2 yearsOffice...

  • Network Manager

    1 week ago


    Barangaroo, Australia Thales Full time

    At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive - and that it’s all driven by human intelligence. Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and...