Role Overview
The SOC Threat Intelligence and Threat Hunting Engineering Lead is a senior security professional responsible for leading advanced cyber threat intelligence and threat hunting functions for a protected SOC client. This role protects the organization's network and systems by proactively identifying, analyzing, and responding to complex security threats.
Key Responsibilities
* Act as the Cyber Threat Intelligence Lead within the SOC by managing threat intelligence tools, ensuring data quality, and collecting, analyzing, and disseminating actionable cyber threat intelligence.
* Collaborate with internal teams and external intelligence communities while continuously improving threat intelligence processes and staying updated on threat trends.
* Provide cyber threat intelligence insights to enhance detection and response, including monitoring threat feeds, threat actor activity, vulnerabilities, and credential exposure.
* Lead and support proactive and reactive threat hunting in close collaboration with the SOC team.
* Mentor SOC analysts and work closely with security engineering to improve detection coverage, reduce alert noise, and strengthen overall SOC capability.
Qualifications and Attributes
* Extensive experience in cyber threat intelligence and relevant tools.
* Advanced expertise using SIEM and detection tools, particularly Splunk, to investigate threats, develop detections, and support threat hunting activities.
* Strong understanding of threat hunting methodologies, cyber threat intelligence, and frameworks such as MITRE ATT&CK.
* Australian citizenship is required. Candidates must hold an NV1 security clearance or be willing and eligible to obtain one.
* 7–10 years of experience in SOC or cyber threat intelligence specialist roles, with increasing levels of responsibility and leadership.
* Hands‐on experience applying cyber threat intelligence, including threat actor analysis, vulnerability intelligence, and emerging threat monitoring.
* Experience working with endpoint, network, and security tooling such as EDR, IDS/IPS, email security, vulnerability management, and SOAR platforms.
* Strong communication skills, with the ability to lead under pressure, mentor analysts, and engage both technical and non‐technical stakeholders.
What We Offer
* Career development: Future‐focused skills and world‐class experiences.
* Flexible work arrangements: Work‐style flexibility and autonomy.
* A comprehensive benefits package: Wellness incentives, additional flex leave, family‐friendly policies, gender‐neutral parental leave.
* Competitive salary open to negotiation based on skills and experience.
EY acknowledges the Traditional Owners and Custodians of the lands on which EY offices are located across Australia and encourages applications from people of all ages, nationalities, abilities, cultures, sexual orientations, and gender identities. We are committed to providing an equitable and barrier‐free recruitment experience for all.
Preferred applicants will be required to undertake employment screening by EY or an external third‐party provider.