L2 SOC Analyst

Role Overview – L2 SOC Analyst (Contract)

Location: Remote, Australia

Job type: 12-month contract (high likelihood of extension)

You’ll investigate and resolve security incidents escalated from Tier 1, leveraging threat intelligence, SIEM, EDR, and multiple telemetry sources to determine root cause, scope, and impact.

Key Responsibilities

• Lead investigations of security incidents through to resolution
• Review escalated alerts and perform in-depth analysis
• Develop, tune, and reduce false positives across SIEM use cases
• Create and implement SOC use cases, alerting logic, and runbooks
• Conduct proactive threat hunting across host, network, identity, vulnerability, and threat data
• Perform forensic investigations where required
• Collaborate with IT, infrastructure, and application stakeholders
• Document incident response activities for both technical and executive audiences

Required Experience

• 3+ years recent experience as a Tier 2 SOC Analyst
• Strong hands-on experience with Splunk, Microsoft Defender, Microsoft Sentinel, CrowdStrike, and Rapid7
• Demonstrated SIEM and data correlation expertise
• Experience creating SOC use cases, runbooks, and incident response plans
• Proven ability to lead investigations and security response efforts
• Curious, analytical, and proactive problem solver
• Experience in large enterprises, government, or critical infrastructure is highly regarded
• Australia Citizenship or PR

If interested, please apply directly or reach out to [email protected].