Details about the Client
ADF Careers is the largest workforce outsourcing solution in the southern hemisphere with over 80,000 applications received on average each year.
ADF Careers is on a mission to recruit the right people, in the right numbers, at the right time to support the Australian Defence Force to build, sustain and maximise Defence capability.
Our people are our greatest asset. We recognise and respect our people's need to work in ways that support their careers, families, and lifestyle. That's why we offer flexible working arrangements, learning pathways, additional leave entitlements and extensive corporate discounts across a variety of product and services. We want our people to be financially rewarded; to feel good and to go beyond what they thought possible at work.
Be you, and we'll be better together.
To find out more about our great employee benefits and what it's like to be part of the team, reach out to our friendly talent acquisition team.
Job Description
The Senior Operations Analyst delivers a measured and proactive DFR SOC service in line with the SOC-CMM and MITRE AT&CK frameworks. The position will focus on advanced detection engineering (Utilizing KQL), threat-informed use case development, digital forensics and incident response (DFIR), documentation and enterprise-wide cyber operations uplift. In addition, the Senior analyst will provide technical direction to projects which will include a heavy focus on cloud technologies and the Microsoft security stack.
Key Responsibilities:
* Ensuring the end to end implementation of the SOC-CMM framework inline with the continual service improvement and detection improvement strategies.
* Perform advanced malware analysis and DFIR activities, including reverse engineering, memory and disk analysis, attacker tradecraft identification, and post‐incident root cause analysis.
* Lead detection uplift initiatives, designing, improving, and rationalizing use cases that align threat scenarios with business risks and operational priorities.
* Provide senior technical input into enterprise ITSM cyber operations, including incident, problem, change, and service request integration.
* Support insider threat and e‐discovery activities in accordance with organizational governance, legal, and privacy requirements.
* Author and maintain detection improvement documentation, including rationale, testing results, assumptions, and operational guidance.
* Own and improve log management practices, ensuring critical security telemetry is collected, retained, normalized, and optimized for detection and investigation.
* Produce and maintain technology documentation, including security tool architecture, integration design, data flows, and operational uplift initiatives.
* Act as a technical escalation point and mentor for Tier 1 and Tier 2 SOC analysts, providing guidance during complex investigations and capability development.
* Collaborate with engineering, infrastructure, and application teams to remediate gaps in detection, logging, and control effectiveness.
* Contribute to strategic planning activities, including SOC roadmaps, tool capability assessments, and detection maturity reviews.
* Design and implement response automation to improve response speed, consistency, and analyst efficiency.
Candidate's Profile
Minimum of 5 year's experience in a cyber security function with a strong understanding of the ISM and global security standards.
Bachelor's degree in Cyber Security, Computer Science, Information Technology or relevant experience. Industry certifications such as those provided by ISC2, Microsoft, SANS or Offensive Security are preferable.
Your background will demonstrate:
To apply for this position, you must be an Australian citizen and have the ability to maintain an Australian AGSVA security clearance.
* A passion for cyber security coupled with excellent written and verbal communication skills
* Demonstrated experience in Microsoft cloud security technologies or relevant EDR and SIEM technologies.
* Experience in scripting python/bash/PowerShell
* Demonstrated experience operating in a Tier 3 SOC, DFIR, or detection engineering role.
* Deep understanding of attacker techniques, malware behaviour, and post‐exploitation tradecraft.
* Strong experience designing and validating SIEM and EDR detection logic at enterprise scale.
* Advanced knowledge of security telemetry, logging architectures, and data pipelines.
* Experience integrating security operations with enterprise ITSM platforms and processes.
* Strong documentation practices for technical, operational, and executive‐level audiences.
* Professional cyber security certification such as those provided by Microsoft, SANS or Offensive
* Ability to translate technical threats into business relevant risk and detection outcomes.
How to apply
If eligible, please submit your resume; applications are open to all qualified Australian citizens regardless of their background, identity, experiences and beliefs.
If you need assistance during our recruitment process, please email Sahar Khalid at sahar.khalid@adecco.com.au for a confidential conversation.
To apply for this position, please submit your application online through our designated platform. The deadline for applications is 11:30 PM (AEST) on 15th March 2026. It's important to note that applications will be reviewed and processed as they are received.
#J-18808-Ljbffr