We are seeking a proactive and skilled Tier 2 SOC Analyst to join our clients dynamic cybersecurity team. In this critical role, you will be on the front lines, investigating and remediating advanced threats targeting a range of payments and trading systems. You will play a key part in protecting our customer's assets and data by enhancing our defences and responding to incidents in real-time.
What You Will Do
* Incident Investigation: You'll be the primary responder for high-severity security alerts escalated from our internal teams and external SOC partner. You will validate and analyse threats from our SIEM and EDR platforms.
* Threat Hunting & Detection Engineering: Go on the offensive by proactively hunting for threats and developing new detection use-cases in Sentinel or Splunk. You'll use intelligence from industry groups like FS-ISAC and APWG and dark-web monitoring to stay one step ahead of attackers.
* Deep-Dive Forensics: Conduct in-depth host and network forensics using tools like FTK, EnCase, and Wireshark to uncover indicators of compromise (IOCs). You will then map your findings to the MITRE ATT&CK framework to document and categorise each incident.
* Remediation & Response: Lead the charge in remediating active threats through activities like patch management, certificate revocation, and firewall-rule updates. You will coordinate with our external Incident Response (IR) team for complex breach scenarios, ensuring compliance with regulatory notification timeframes (e.g., APRA CPS 230/234 and PCI DSS).
* Automation: Use your scripting skills in Python, Bash, or PowerShell to automate enrichment and triage workflows, enhancing the efficiency of our security operations.
* Reporting & Knowledge Transfer: Manage security incidents and service requests in ServiceNow, and contribute to key reports for senior leadership. You'll also be a mentor to Tier 1 analysts, sharing your expertise on evolving threat tactics and tools.
What We Are Looking For
* Experience: 3-5 years of hands-on experience in a SOC or incident-response role, preferably within the banking, wealth management, or payments sectors. Experience with outsourced SOC operations is a significant plus.
* Technical Skills: Proficiency with Sentinel (or Splunk/QRadar), CrowdStrike (or Carbon Black), DLP, and vulnerability-scanning tools.
* Certifications: You should have a relevant degree or diploma in Cybersecurity or Digital Forensics. Certifications such as CISSP, CSX-P, GIAC GCIA, GCIH, or GCFA are highly valued. Microsoft Security certifications are a plus.
* Domain Expertise: A solid understanding of relevant regulatory requirements like APRA CPS 230/234 and PCI DSS.
* Communication: Strong communication skills to effectively manage stakeholders, document incidents, and mentor junior team members.
If you're a proactive, results oriented Tier 2 SOC Analyst looking for work, apply now or send your CV to jorden.ortez@randstaddigital.com.au
At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.
show more