Calling the Threat Hunters, Incident Responders and Detection Specialists…. If you’re passionate about both hunting and responding with experience in both (Or very strong experience in one) we would love to chat to you.
This is a chance to work in an advanced SOC environment with a highly skilled team offering continuous training, new technologies and new challenges on a daily basis.
Ideally you have experience working in a SOC, or experience as a Threat Hunter or Incident Responder at Level 3 in an internal role to be a fit.
Our client offers full flexibility when it comes to working remotely if you need to. The chance to work across a range of environments and on a range of projects will mean you need to be adaptable and able to handle faced paced situations, at times.
The role is paying up to $190k (Base + Super) with various other benefits.
You can be based anywhere in Australia, with a preference for Sydney Or Melbourne.
The Role: As a Senior SOC Specialist you’ll act as a key escalation point for complex security incidents and step in as a lead for other team members when needed. You will be driving threat hunting activities with clients in certain industries. At times you will be uplifting environments to improve process, or capability and working on a continuous improvement model.
Key Responsibilities: - Lead proactive threat hunting activities, developing hypotheses and executing hunts to detect unknown threats.
- Manage and respond to security incidents when escalated and report findings
- Develop and enhance detection content mapped to frameworks like MITRE ATT&CK.
- Analyze data from SIEM platforms (e.g., Splunk, Elasticsearch, Azure Sentinel) to identify anomalies and improve detection coverage.
- Provide mentorship and guidance to security analysts, driving continuous improvement in operational processes and capabilities
Key Experience and Skills: - Experience in Managed Security Services, or complex Security Operations Centres is preferred
- Hands-on exposure to SOC operations, threat hunting, or incident response.
- Strong understanding of Endpoint Detection and Response (EDR) tools like CrowdStrike or Microsoft Defender for Endpoint.
- Proficiency in SIEM tools (e.g., Splunk, Elasticsearch, Azure Sentinel) and network traffic analysis using tools like Wireshark.
- Solid knowledge of cyber-attack tactics, techniques, and procedures (TTPs) and detection use case development aligned with MITRE ATT&CK.
- Bonus: Experience with scripting languages (Python, PowerShell, Bash) and industry certifications
Offers can be made before Christmas for a January start.
For more information or to arrange a confidential chat to find out more contact cwhyte@decipherbureau.com.