SOC Analyst securing national interests at BAE Systems. Responsible for security operations and incident response in Canberra, Australia.
About the role
- Security Operations Analyst monitoring security events and responding to incidents. Collaborating with IT and Security teams to implement preventive controls and improve processes.
Responsibilities
- Continuous monitoring of security events and alerts using SIEM platforms.
- Analysis and correlation of logs to identify suspicious activity or indicators of compromise (IoCs).
- Develop security use cases aligned with frameworks such as MITRE ATT&CK and internal policies.
- Define correlation rules for threat detection (e.g., anomalous behavior, brute-force attacks, data exfiltration).
- Tune thresholds and alert logic to reduce false positives.
- Parser development and log normalization.
- Create custom parsers to integrate new log sources into the SIEM.
- Ensure data normalization (mapping to standard fields such as IP, user, action).
- Validate log quality and consistency to prevent correlation failures.
- Work with common formats (Syslog, JSON, XML) and protocols (CEF, LEEF).
- Operation and automation with SOAR, creating playbooks for fast and efficient response.
- Triage and handling of security incidents according to criticality and impact.
- Investigations across endpoints, networks and applications to determine root cause.
- Escalation and communication with internal teams and vendors when necessary.
- Detailed documentation of incidents, actions taken, and mitigation recommendations.
- Contribute to continuous improvement of monitoring and response processes.
- Participate in incident simulation and tabletop exercises.
- Collaborate with IT and Security teams to implement preventive controls.
Requirements
- Bachelor's degree in Information Security, Cyber Defense, IT or related fields.
- Postgraduate degree in Cyber Security, Forensics, Intelligence or Security Architecture is a plus.
- Experience with SIEMs (Splunk, QRadar, SecOps, Elastic, Sentinel).
- Experience in security incident response.
- Experience with Windows and Linux operating systems.
- Knowledge of query languages (SPL, AQL, KQL).
- Familiarity with regex for parser creation.
- Understanding of log formats and protocols.
- Basics of SOAR automation (Python, YAML).
- Knowledge of MITRE ATT&CK, IOCs, and TTPs.
- Knowledge and hands-on experience with security solutions such as WAF, Firewall, IPS, Anti-Malware, EDR, ATP for detection and containment of security incidents.
- Availability for on-call shifts on weekends and holidays.
- Clear and assertive communication skills.
- Teamwork and collaboration.
- Curiosity and continuous learning.
- Ethics and responsibility.
- Analytical and critical thinking.
- Attention to detail.
- Proactivity.
- Resilience and emotional control.
Benefits
- Health and dental insurance
- Meal allowance (Caju)
- Life insurance
- Home office allowance
- Profit-sharing (PLR)
- Private pension plan
- Childcare assistance
- WellHub (Gympass)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Director of Security Operations overseeing incident response tasks at Gartner. Leading a geographically dispersed team and improving capabilities for detecting and responding to threats.
Senior Manager for Product Security Ops & Strategy at Salesforce overseeing strategic initiatives and ensuring alignment with security goals. Driving operational excellence and executive communication across teams.
Principal SOC Engineer shaping cyber defense at The Missing Link. Engaging with clients and mentoring engineers in advanced security technologies.
Security Operations Manager responsible for planning and managing security programs at Cox Enterprises. Collaborating with stakeholders and analyzing security vulnerabilities while conducting investigations.
Security Operations Centre Analyst for Paysafe, responding to real - time security alerts and assisting Incident Response in security events. Requires collaboration in a global team environment with various security frameworks.
SOC Analyst focusing on real - time security monitoring and incident response for Atos Group in Bengaluru, ensuring proactive threat detection and effective response to incidents.
Manage global corporate security operations programs at OpenAI, collaborating across teams to enhance security measures. Focus on operational standards and program development for effective security initiatives.
Senior SOC Analyst leading advanced security monitoring and response across various platforms. Collaborating with teams to strengthen security posture and mentor junior analysts.
SOC Analyst developing cybersecurity solutions at Capgemini for leading organizations. Engaging in incident response and security operations in a collaborative environment with global colleagues.