We are seeking a proactive and skilled Tier 2 SOC Analyst to join our client's dynamic cybersecurity team. In this critical role, you will be on the front lines, investigating and remediating advanced threats targeting a range of payments and trading systems. You will play a key part in protecting our customers' assets and data by enhancing our defences and responding to incidents in real time.
What You Will Do
- Incident Investigation: You'll be the primary responder for high-severity security alerts escalated from our internal teams and external SOC partner. You will validate and analyse threats from our SIEM and EDR platforms.
- Threat Hunting & Detection Engineering: Go on the offensive by proactively hunting for threats and developing new detection use-cases in Sentinel or Splunk. You'll use intelligence from industry groups like FS-ISAC and APWG and dark-web monitoring to stay one step ahead of attackers.
- Deep-Dive Forensics: Conduct in-depth host and network forensics using tools like FTK, EnCase, and Wireshark to uncover indicators of compromise (IOCs). You will then map your findings to the MITRE ATT&CK framework to document and categorise each incident.
- Remediation & Response: Lead the charge in remediating active threats through activities like patch management, certificate revocation, and firewall-rule updates. You will coordinate with our external Incident Response (IR) team for complex breach scenarios, ensuring compliance with regulatory notification timeframes (e.g., APRA CPS 230/234 and PCI DSS).
- Automation: Use your scripting skills in Python, Bash, or PowerShell to automate enrichment and triage workflows, enhancing the efficiency of our security operations.
- Reporting & Knowledge Transfer: Manage security incidents and service requests in ServiceNow, and contribute to key reports for senior leadership. You'll also be a mentor to Tier 1 analysts, sharing your expertise on evolving threat tactics and tools.
What We Are Looking For
- Experience: 3-5 years of hands-on experience in a SOC or incident-response role, preferably within the banking, wealth management, or payments sectors. Experience with outsourced SOC operations is a significant plus.
- Technical Skills: Proficiency with Sentinel (or Splunk/QRadar), CrowdStrike (or Carbon Black), DLP, and vulnerability-scanning tools.
- Certifications: You should have a relevant degree or diploma in Cybersecurity or Digital Forensics. Certifications such as CISSP, CSX-P, GIAC GCIA, GCIH, or GCFA are highly valued. Microsoft Security certifications are a plus.
- Domain Expertise: A solid understanding of relevant regulatory requirements like APRA CPS 230/234 and PCI DSS.
- Communication: Strong communication skills to effectively manage stakeholders, document incidents, and mentor junior team members.
If you're a proactive, results-oriented Tier 2 SOC Analyst looking for work, apply now or send your CV to jorden.ortez@randstaddigital.com.au
At Randstad Digital, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.