Threat Intelligence and Threat Hunting Lead - Security Operations Centre
Date: 20 Apr 2026
Requisition ID: 1702322
The SOC Threat Intelligence and Threat Hunting Engineering Lead is a senior security professional responsible for leading advanced threat detection, threat hunting, and cyber threat intelligence functions for one of our protected SOC clients. This role is critical in protecting the organisation's network and systems by proactively identifying, analysing, and responding to complex security threats.
The role oversees incident investigations, drives both reactive and proactive threat hunting initiatives, and leverages cyber threat intelligence (CTI) tools to provide actionable insights on emerging threats, threat feeds, and vulnerability advisories. The position also leads the development of detection strategies and collaborates closely with security engineering to enhance the SOC's overall threat detection and response capabilities.
Key Responsibilities
* Act as the L3 escalation point for the SOC, owning complex cyber incidents end‐to‐end and leading high‐impact investigations for a protected client environment.
* Lead proactive and reactive threat hunting activities, using SIEM, EDR, and network telemetry to design hypotheses, refine detections, and uncover advanced threats.
* Apply cyber threat intelligence to enhance detection and response, including monitoring threat feeds, threat actor activity, vulnerabilities, and credential exposure.
* Mentor SOC analysts and work closely with security engineering to improve detection coverage, reduce alert noise, and strengthen overall SOC capability.
Skills and Attributes for Success
* Extensive experience operating in a SOC environment, including acting as an L3 escalation point for complex security incidents and investigations.
* Advanced expertise using SIEM and detection tools, particularly Splunk, to investigate threats, develop detections, and support threat hunting activities.
* Strong understanding of threat hunting methodologies, cyber threat intelligence, and frameworks such as MITRE ATT&CK.
* Australian citizenship is required. Candidates must hold an NV1 security clearance, or be willing and eligible to obtain one.
* 7–10 years' experience in SOC or security analyst roles with progressively increasing responsibility and leadership.
* Experience working with endpoint, network, and security tooling such as EDR, IDS/IPS, email security, vulnerability management, and SOAR platforms.
* Hands‐on experience applying cyber threat intelligence, including threat actor analysis, vulnerability intelligence, and emerging threat monitoring.
* Strong communication skills, with the ability to lead under pressure, mentor analysts, and engage both technical and non‐technical stakeholders.
What We Offer
* Career development opportunities and future‐focused skills to support your growth.
* Flexible work arrangements to support a healthy work‐life balance.
* A comprehensive benefits package including wellness incentives, flex leave, and family‐friendly policies.
* Competitive, negotiable salary based on skills and experience.
Equal Opportunity
We encourage applications from people of all ages, nationalities, abilities, cultures, sexual orientations, and gender identities and are committed to providing an equitable and barrier‐free recruitment experience for all.