360HR Technical is working with a very exciting Australian Managed Security Service Provider in hiring an enthusiastic SOC Lead or Manager to help develop and nurture the team’s capabilities.
What does the role look like?
- Lead through example, responding to higher priority security events and alerts from various sources.
- Build & lead training initiatives to keep the team up to date with the current threat landscape.
- Conduct thorough investigations of security incidents to determine root cause, impact and scope of a breach through detailed analysis of log data, network traffic and documentation of Indicators of Compromise (IoCs) discovered.
- Act as an escalation point for security alerts triaged by SOC Analysts.
- Provide mentoring, support & technical guidance to junior team members.
- Take part in Threat Hunts across the MDR customer base.
- Initiate & lead ongoing improvements, including log ingestion, detection engineering and testing of detection effectiveness, and playbook development.
- Prepare comprehensive reports on security incidents.
- Prepare customer monthly service reports, including derivation of unique insights for clients based on trends and evaluation of customer activity, remediation recommendations and lessons learned.
- Monitor emerging threats and security trends through various threat intelligence sources and work to maintain an up-to-date repository of the threat landscape.
- Participate in on-call or shift work rotations.
What we are looking for:
You will need Australian citizenship and the ability to obtain a security clearance to be considered for this position.
- Proven experience working in some of the following: Security Operations, Incident Response, Threat Hunting, Security Engineering, Detection Engineering.
- Strong knowledge of network protocols, security technologies and network architecture.
- Extensive experience with security monitoring tools.
- Deep knowledge of security principles and best practices, including incident response methodologies.
- Deep knowledge of industry-standard frameworks (e.g. NIST, ISO 27001, ASD E8, MITRE ATT&CK).
- Strong experience working with security technologies: EDR/XDR, Firewalls, SIEM, Email Security, SOAR.
- Strong familiarity with common cyber threats, attack vectors and malware analysis.
- Familiarity with cloud computing platforms and concepts.
- Exposure, understanding or experience with SOAR platforms highly regarded.
- Previous experience in penetration testing also highly regarded.
- Career progression pathways
- Training & Certificate support
- Industry events & activities
- Interesting clients & projects
And a lot more...