Security Operations Centre – SOC Analyst
- Permanent position
- Sydney location
- Large scale Consultancy
This global, top-tier, large-scale consultancy is looking for a SOC Analyst to join its expanding team and help build local SOC response capabilities. The Global Security Office (GSO) is actively seeking a Security Operation Center Analyst to join its team. The selected individual will play a crucial role, working closely with the SOC Manager as a key member of the GSO.
The ideal profile will be an experienced SOC Analyst with experience of resolving 2nd and 3rd level incidents…
Role and Responsibilities:
Responsible for working in a global 24×7 Security Operation Center (SOC) environment which consists of an in-house and outsourced SOC.
- Perform real-time alert monitoring and service / respond to the ticket management queue.
- Provide Incident Response (IR) support when analysis confirms actionable incident from the outsourced SOC and/or internal systems.
- Provide analysis and trending of security log data from a large number of heterogeneous security devices across different layers.
- Provide threat and vulnerability analysis with recommendations.
- Investigate, document, and report on information security issues and emerging trends.
- Analyze and respond to previously undisclosed software and hardware vulnerabilities.
- Integrate and share information with other analysts and teams.
- Participate in security projects, collaborating with stakeholders as needed.
- Able to participate in a weekend on-call rotation.
- Other tasks and responsibilities as assigned through the ticketing system.
Qualifications
- Bachelor’s degree in a related field (Security, Forensics or Computer Science is preferred)
- At least 4 years of experience as a security analyst or incident handler/responder within security operations (SecOps or SOC).
- Excellent knowledge of security methodologies and processes (like the Kill Chain and Diamond models, the MITRE ATT&CK framework and SANS).
- Excellent knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, CASB, proxies, network behavioural analytics, endpoint and cloud security).
- In-depth knowledge of the TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP protocols, network analysis, and network/security applications.
- Good knowledge of information security frameworks and standards (like ISO 27001, NIST CSF, etc.).
- Very good knowledge of common malware threats and attack methodologies.
- Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP or other equivalent certifications are highly desirable.
If you’re interested, then please submit your resume by hitting the APPLY NOW button, or send your resume to md@limelightpeople.com.au