SOC Analyst

Job Title: SOC Analyst
Contract Type: Permanent
Location: Sydney CBD, New South Wales
Salary: Negotiable
Reference: 205292_1597718205
Contact Name: Ellen Barry
Contact Email:
Job Published: August 18, 2020 12:36

Job Description

Our client, a century-old global banking and financial services organisation, is currently recruiting for a SOC Analyst with Cloud experience who will endeavour to detect suspicious or malicious activity within the Bank's environment.

You will be responsible for incident identification, assessment and escalation, as well as working with the IT teams to reduce the vulnerability attack surface through vulnerability scanning and resolution. You will also be responsible for monitoring intelligence feeds and ensuring that both staff and clients are protected against cyber-crime and threats.

Responsibilities will include:

Security Incident Event Management (SIEM)

  • 1st line monitoring response - timely follow up for alerts, investigations / escalations
  • Implementation of connectors and application rules as requested
  • Any general improvements, issues / bugs as required

Alert Monitoring & Investigation

  • Anti-virus - initial response, ensure fixes and resolutions are followed
  • Create and maintain event/alert handling procedures
  • Escalation to 2nd line as required

Vulnerability Scanning & Mitigation

  • Co-ordination & preparation of monthly and ad-hoc vulnerability scans
  • Ensure all systems, devices and web sites are monitored

Threat Intelligence

  • Monitoring of spam, phishing and cybercrime events
  • Monitor intelligence feeds and ensure suspicious websites are blocked
  • Provide Cyber Awareness communications to staff
  • Maintain the Cyber Fraud Incident register

To be successful in this role you will need:

  • Good understanding of IT Security and Cyber threats and vulnerabilities
  • Experience with Cisco routing and switching and firewalls
  • Strong analytical and problem-solving skills
  • Knowledge/experience working with SIEM tools

Experience in at least one of the following is highly desirable:

  • Symantec ATP
  • DbProtect
  • Tripwire
  • DarkTrace
  • Qualys
  • Threatmetrix TD Cloud
  • ArcSight
  • Azure Sentinel

Interested parties should apply directly via the link below or call Ellen on 02 8267 4600 quoting reference number 205292.