Job Opportunity: Cyber Security Operations Centre Analyst
The Cyber Security team at ASIC delivers a comprehensive range of services to safeguard the organisation's digital environment. These services include threat monitoring, incident response, security architecture, and cyber assurance. The team plays a critical role in protecting ASIC's systems and data, ensuring resilience against cyber threats, and supporting the organisation's regulatory mission.
About the Role:
This is an exciting opportunity for a motivated and detail-oriented SOC Analyst to join our dynamic team focused on proactive threat hunting and incident response. As a SOC Analyst, you will develop alerting rules and threat response playbooks for systems integrating with Microsoft Sentinel, build and refine KQL queries to support investigations, threat hunting, and traffic analysis, and assist in implementing Sentinel-as-code through CI/CD pipelines. You will co-manage the Sentinel incident queue, including incident resolution and root cause analysis, support the CIRT lead during active incidents, and analyse cyber threat intelligence feeds to identify and respond to relevant indicators. You will also assist in automating Sentinel workflows using Microsoft Logic Apps to improve efficiency, conduct proactive threat hunting for anomalies, attack vectors, and misconfigurations (remediating where possible), and assist the SOC Team Lead with continuous improvement of SOC processes, tooling, and service delivery.
Key Responsibilities:
* Develop alerting rules and threat response playbooks for systems integrating with Microsoft Sentinel
* Build and refine KQL queries to support investigations, threat hunting, and traffic analysis
* Assist in implementing Sentinel-as-code through CI/CD pipelines
* Co-manage the Sentinel incident queue, including incident resolution and root cause analysis
* Support the CIRT lead during active incidents
* Analyse cyber threat intelligence feeds to identify and respond to relevant indicators
* Assist in automating Sentinel workflows using Microsoft Logic Apps to improve efficiency
* Conduct proactive threat hunting for anomalies, attack vectors, and misconfigurations, and remediate where possible
What You'll Need:
* A relevant tertiary qualification and/or equivalent experience in a cyber security role and demonstrated experience as a SOC Analyst, Incident Response Engineer or Threat Hunter
* Demonstrated knowledge & awareness of:
  o Cyber security tools and concepts that protect an organisation from cyber threats
  o Cyber incident response processes and technologies
  o Vulnerability management and patching processes
  o Analysing logs from various sources to discover active threats & security weaknesses
  o Triaging and resolving security incidents
  o Developing associated response reports for standard SOC tasks, including SIEM alerts, vulnerability alerts and reviews of abnormal emails, system access, and data usage
  o Current security frameworks applicable to the Australian Government, such as the Protective Security Policy Framework and the Information Security Manual
* Strong interpersonal skills and a collaborative attitude
* Ability to effectively present complex information to colleagues both verbally and in writing
* Ability to work independently with limited supervision and be accountable for outcomes
About Us:
We are committed to providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. Indigenous Australians are encouraged to apply, as are applicants from all backgrounds and with different abilities. We offer a range of employee benefits including attractive superannuation, additional leave entitlements, a 50/50 hybrid work-from-home model, flexible work arrangements, and assistance for study and professional development.