Soc Analyst

Description:

As the Security Operations Centre Analyst, you will play a key role in the protection of our SOC Clients by monitoring, detecting, responding to, and investigating potential cyber threats.

You will have experience with Microsoft Sentinel, Azure security services, and Linux environments, and will be responsible for leveraging these technologies to ensure the integrity, confidentiality, and availability of digital assets. This role requires in-depth knowledge of incident response, threat intelligence, and continuous monitoring.

To be eligible for this role, you will need to be an Australian citizen who is able to maintain an NV1 AGSVA Security Clearance.

Your background:

• able to draw from your commercial experience having previously worked in a SOC or similar role.
• knowledge of GRC
• proven expertise with Microsoft Sentinel for threat detection, incident response, and automation.
• strong hands-on experience with Azure security services including Azure Security Centre, Azure Defender, and Azure AD.
• proficient in securing and managing Linux-based systems and applications.
• advanced knowledge of SIEM technologies, incident response, and threat hunting.
• experience with security frameworks like MITRE ATT&CK.
• familiarity with network security, firewalls, VPNs, IDS/IPS, and endpoint security tools.
• familiarity with forensics tools and malware analysis techniques.
• experience with scripting languages such as Python, Bash, or PowerShell for automation and security tasks.
• hands-on experience with cloud security architecture in Azure environments.
• knowledge of other cloud platforms such as AWS or GCP is highly regarded.

Your qualifications may include:

• CISSP
• GIAC
• Other IT Security certifications
• Microsoft certifications

Responsibilities:-

Threat Monitoring & Incident Response:

• Continuously monitor security alerts and events within the SOC using Microsoft Sentinel and other tools.
• Analyse and respond to security incidents, including malware, intrusion attempts, unauthorized access, and suspicious activity across Azure, Windows and Linux environments.
• Lead investigations into complex cybersecurity incidents and provide recommendations for remediation.
• Utilise threat intelligence sources to identify potential threats and recommend proactive security measures.

Security Operations:

• Develop and fine-tune detection rules, playbooks, and alerts within Microsoft Sentinel
• Configure and optimize Azure Security Centre, Azure Defender, and related security features.
• Manage and secure Linux-based systems and applications as part of the SOC environment and internal infrastructure monitoring.
• Conduct regular vulnerability assessments, and compliance checks across the organisation’s IT landscape.

Collaboration & Reporting:

• work closely with internal and client IT teams, cloud architects, and DevOps engineers to ensure security best practices are implemented.
• develop reports and dashboards for key stakeholders detailing the organisation’s security posture, ongoing incidents, and response activities.
• participate in security assessments and provide guidance on hardening Azure, Windows and Linux environments.
• process Improvement.
• build and maintain security policies, processes, and standard operating procedures (SOPs) for SOC operations.
• stay up-to-date on emerging cyber threats, tools, techniques, and vulnerabilities relevant to our organisation and our client’s technology stacks.

Personal attributes:

• analytical and decision-making skills
• problem-solving skills, attention to detail
• the ability to work independently and within a team
• excellent verbal and written communication
• ability to manage multiple tasks in a fast-paced environment

What is in it for you?

• competitive salary and performance-based incentives.
• professional development opportunities.
• diverse and dynamic teams with a supportive and inclusive culture.
• flexible hours
• potential for hybrid work once established capability
• offices in Canberra, Sydney and Brisbane
• a commitment to People & Culture and new team to drive initiatives
• the chance to work with a talented and dedicated team
• involvement in exciting projects with leading-edge technology

About Us

Digital61 are a Cloud first systems and security integrator that is passionate about ensuring our customers are digitally equipped to provide high quality services to Australians.

Our people love working with the latest technology and are excited to collaborate with new starters that share this passion, especially when they can bring a fresh perspective to the way we build solutions for our customers. We are committed to technical development through training, mentoring, and coaching, so regardless of previous technical experience, we strongly encourage you to apply if you have an analytical approach to problem solving and learn best by doing so.

We embody these three principles in the solutions and services which we design, deploy, and manage.

Simplicity

Digital61 meets our customers’ requirements with the simplest, standards-based solutions: simplicity is the key to system management and security.

Mobility

Digital61 assist business to unlock the inherent mobility embedded in cloud: ensuring mobility is deployed in a secure and stable manner, without disruption to existing processes.

Security

Digital61 builds security into all services and solutions: providing accredited IRAP assessors (Infosec Registered Assessors Program) and security analysis capability to all managed services.

As our clients are primarily government, to be eligible for this role, you will need to be an Australian Citizen who holds an NV1 Australian Security Clearance or have the ability to obtain. Applicants that do not meet this requirement will not be considered.