L2 Security Analyst

Are you an experienced analyst that wants to build a new CSOC team in Austalia?

Our client is establishing a cutting-edge Cyber Security Operations Centre (CSOC) in Australia to work alongside their UK operation.

• MUST HAVE RIGHT TO WORK IN AUSTRALIA
• NO SHIFTS

Their current UK CSOC is on a mission to become a world-class, next-generation MXDR provider, delivering exceptional security services and protection to their clients. As part of this initiative, they are looking for an enthusiastic Senior Security Analyst to play a critical role in building and shaping their CSOC operations.

Key Responsibilities:

• Mentorship & Leadership: Guide and mentor the analyst team, fostering a culture of continuous improvement and excellence.
• Monitoring & Detection: Oversee the security technology stack, including EDR, XDR, CASB, CSPM, SIEM, and SOAR.
• Threat Hunting: Lead proactive threat hunting activities across the customer base.
• Process Optimization: Develop and refine playbooks and runbooks to enhance security operations.
• Quality Assurance: Perform quality checks on analyst tickets, incidents, and customer interactions to ensure high standards.
• Incident Investigation: Conduct investigations in response to security alerts, leveraging available security tools.
• Proactive Security Measures: Utilize vulnerability management and threat intelligence to detect and prevent potential compromises.
• Innovation & Continuous Improvement: Challenge existing processes, introduce new ideas, and drive improvements in security operations.
• Collaboration: Work with internal teams and act as a subject matter expert (SME) on security-related matters.
• Technical Documentation: Develop and maintain technical documentation, including use cases and playbooks, to support incident response and root cause analysis.
• Customer Engagement: Assist in preparing security incidents for escalation and responding to ad hoc client requests.
• Threat Intelligence & Tuning: Implement security tuning and analytics in response to emerging threats.

Desired Qualifications & Experience: While not essential, the following qualifications and skills would be advantageous:

• Certifications: CompTIA CySA+, Security+, CCNA, Network+.
• Scripting & Automation: Ability to work with Python to enhance security automation.
• Education & Experience: Degree in Computer Science, Cybersecurity, or equivalent work experience.
• Framework Knowledge: Understanding of the MITRE ATT&CK framework or other security defense models.
• Cloud Security Expertise: Experience with Microsoft Azure or other cloud-based technologies.

Apply now if you want to be the first boots on the ground in a brand new team build!!