CyberClan
Tier 1 SOC Analyst
CyberClan | Australia | 10 hours ago
Full-time | Information Technology

Overall Purpose

Our SOC Analysts are the first line of defence in our cyber security operations. You’ll be responsible for monitoring and assessing security events, mitigating and defending against malicious activity, and adapting to an evolving threat landscape. This role functions as a triage specialist, managing and configuring security tools, containing and remediating attacks, and preventing unauthorised access to critical systems and data.

This position requires flexibility to work shifts (including after-hours, weekends, and public holidays where these fall within your roster) as part of a 24/7 operational team.

Key Duties and Responsibilities

  • Monitor and identify cyber security threats and SIEM alerts that pose, or may pose, a risk to clients.
  • Triage alerts across a broad range of security controls and determine urgency, escalating to Tier 2 where appropriate.
  • Document investigation steps clearly and escalate accurately when required.
  • Provide Tier 1 resolution for basic security incidents, including initial reporting, follow‑ups, and requests for further information or action.
  • Communicate directly with CyberClan customers regarding security incidents, emerging threats, and related matters.
  • Produce and maintain documentation relevant to the SOC and the role.
  • Contribute to continual improvement of the SOC knowledge base.
  • Collaborate with CyberClan’s global teams during incident response activities.
  • Support research into global security events, issues, and trends, producing advisories for customers where relevant.
  • Manage and configure security monitoring tools.
  • Investigate intrusion attempts and conduct in‑depth exploit analysis.
  • Perform cyber threat research and analysis to strengthen network security.
  • Assist in defining, testing, and operating new processes or technologies introduced to the SOC.
  • Provide analytical insights on client network traffic patterns relating to malware and other threats.
  • Manage and update service requests and incidents to ensure Service Level Agreements (SLAs) are met.
  • Continuously develop technical and personal skills and support the development of colleagues.
  • Contribute proactively to business KPIs.
  • Adhere to all Information Security and company policies.
  • Engage with strategic incident response and threat intelligence partners.
  • Undertake additional responsibilities, training, and tasks as reasonably requested by management.
  • Conduct periodic assurance reviews and produce associated reports.
  • Participate in internal security awareness initiatives and training programmes.

Person Specification

Qualifications

  • Bachelor’s degree in a relevant field (e.g., Computer Science, Information Technology, Cyber Security) or equivalent professional experience.
  • Security+ or equivalent certification (e.g., CompTIA CySA+, GSEC).
  • ITIL Foundation certification.

Skills, Knowledge, and Experience

  • Experience using SOC tooling to identify and analyse threats.
  • Familiarity with collaboration tools.
  • Strong analytical mindset and structured approach to problem‑solving.
  • Previous SOC analysis experience is beneficial.
  • Willingness to share expertise and support team knowledge growth.
  • Understanding of IT systems, networking, and the broader threat landscape, including:
      • Network fundamentals (OSI model, TCP/IP, DNS, HTTPS, firewall logs).
      • Cloud platforms (AWS, Google Cloud, Azure).
      • Active Directory, Group Policies, PowerShell.
      • Endpoint protection technologies (AV, web filtering, ATP, encryption).
      • IDS/IPS systems.
      • SIEM platforms.
  • SOAR experience is an advantage.
  • Understanding of malware capabilities, attack vectors, and impacts.

Personal Qualities

  • Excellent interpersonal and customer service skills.
  • Ability to communicate technical information clearly to non‑technical stakeholders.
  • Genuine enthusiasm for working in cyber security.
  • Strong written communication skills for documenting systems, processes, and incidents.
  • Ability to identify and suggest improvements.
  • Strong analytical and problem‑solving abilities.
  • Adaptability to organisational change and ability to work independently under pressure.
  • Proven ability to manage a varied workload effectively.


CyberClan is committed to equal pay for equal work in its compensation practices. The base salary range for this position in Australia is 60k-75k AUD. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location. This is Canadian-based employment, and it is expected that all employees maintain legal entitlement to work in Canada. Applicants selected to move forward in the hiring process are subject to background checks, including but not limited to criminal record, credit, and/or reference checks.


Additional Information

This role may require a flexible working pattern, including shifts, weekends, and evenings. We are committed to fair and transparent rostering practices and fostering a collaborative working environment.
