Overview
Senior Security Operations Analyst role at icare NSW. Responsible for the protection of data, information security engineering and the implementation and monitoring of compliance with information security policies and procedures.
The Senior Security Operations Analyst supports the organisation's cyber defence capabilities within the Security Operations Team, handling day-to-day monitoring, triage, and escalation of security events, supporting incident response activities, and maintaining key operational processes and tools. This role contributes to the security posture by ensuring timely detection and reporting of cyber threats, supporting process improvement, and maintaining high standards of documentation and coordination across the team.
Responsibilities
* Perform the investigation, containment and resolution of major or complex security incidents.
* Support analysis of security alerts, threat intelligence, and anomalous activity across networks, endpoints, and cloud environments.
* Develop and refine detection use cases and correlation rules in SIEM and XDR platforms.
* Monitor and respond to SIEM alerts for indications of potential cyber security events and incidents.
* Perform in-depth analysis of cyber security events and incidents to determine root cause, impact, and remediation actions.
* Perform threat hunting and proactive defence initiatives using data-driven techniques and behavioural analytics.
* Drive continual improvement of security monitoring capabilities, incident response playbooks, and SOC processes.
* Partner with technology and business units to ensure threat detection coverage and risk mitigation across platforms.
* Support uplift of tooling and automation within the SOC, including SOAR implementation and integration.
* Support incident post-mortem reviews and apply lessons learned to harden systems and processes.
* Act as a technical escalation point and mentor to other analysts in the Security Operations Centre.
* Mentor junior analysts and contribute to capability uplift across the cyber function.
* Maintain awareness of the evolving threat landscape and ensure proactive response to emerging risks.
* Ensure alignment with organisational security frameworks, policies, and compliance obligations (e.g. CPS 234, ISO 27001, NIST).
Skills & Experience
* Minimum 6+ years of experience in cyber security operations or technical security roles within large or complex organisations.
* Operational knowledge of data loss prevention and forensics technologies
* Demonstrated expertise with endpoint detection and response technologies
* Experience operating a SIEM and performing log analysis of various formats
* Expert knowledge of IT security principles across infrastructure & applications
* Experience in a SOC environment
* Strong written, presentation and interpersonal communication skills
* Ability to present technical evidence clearly for non-technical readers
* Experience in responding to and investigating cyber security incidents and events
* Experience with cloud security technologies and practices
* Experience handling high-severity security incidents and complex threat scenarios
* Experience working in enterprise SOC or MSSP environments
* Experience in governance frameworks and compliance environments (e.g. CPS 234, Essential Eight, NIST, ISO)
* Demonstrated ability to operate independently with sound judgement, accountability, and integrity
Culture
We value diversity and encourage applicants from different backgrounds. We are committed to our people's development so the people of NSW can thrive.
About the Company
icare NSW cares for the people of New South Wales, building confidence and trust to help communities thrive. We support a broad range of services and protect significant government assets.
* For more information about icare visit our website
* icare operates a direct sourcing model so no agency introductions will be accepted
* We are a CircleBack Initiative Employer—commitment to respond to every applicant
* A talent pool may be created through this recruitment process
Please note: Australian citizenship, permanent resident status, New Zealand citizen with a current NZ passport, or unrestricted working rights are required to apply.
#J-18808-Ljbffr