Cyber Security Analyst

Cyber Security Analyst | SOC Detection & Global Threat Monitoring

• Location: ACT (Onsite)
• Security Clearance: NV1 (Mandatory)
• Contract Length: 12 months + 2 × 12-month extensions (Department discretion)

About the position:

This Cyber Security Analyst role operates within a national-level Cyber Operations function responsible for monitoring and defending a globally distributed diplomatic network.

The focus is detection, analysis, and incident response strengthening monitoring capability, refining use cases, and collaborating across threat intelligence and response functions. This is an operational SOC role requiring strong analytical depth and disciplined incident handling.

You will work within a structured, high-trust security environment where accuracy and judgement directly impact operational resilience.

What you'll do:

• Develop and refine detection use cases for newly onboarded systems and log sources
• Analyse security events to identify anomalous activity and recommend countermeasures
• Participate in incident response and remediation activities
• Collaborate with threat intelligence teams to improve detection accuracy and defensive posture

What we are looking for:

• Minimum 3 years' experience operating as a Cyber Security Analyst within an active SOC
• Demonstrated capability designing and testing detection use cases
• Practical experience performing structured incident response activitie
• Strong documentation skills and ability to communicate analytical findings clearly

Seniority fit:

• This role suits analysts comfortable operating at SFIA Level 5 within established SOC environments
• Experience contributing to detection uplift and log operationalisation is expected
• Ability to work collaboratively and share knowledge within a security team is important

Technology & environment:

• Enterprise SIEM platforms and log aggregation systems
• Microsoft Defender XDR and Defender for Cloud (desirable)
• Splunk SOAR and Risk Based Alerting (RBA) frameworks
• Hybrid enterprise environments supporting global operations
• Threat intelligence integration and detection engineering workflows

A quick note before you apply:

• This role operates within an active cyber operations environment protecting globally distributed systems
• If your experience has been limited to governance, audit, or advisory cyber functions without hands-on SOC monitoring exposure, this may not align with current needs
• An active NV1 security clearance is mandator
• The position requires full-time onsite attendance in Canberra

To showcase your interest for the position, click on 'APPLY' on our website or for any further information, please contact Sanat Anmadwar on [email protected]. We look forward to seeing how your expertise can help us achieve excellence!