Security Operations Centre - SOC Analyst

Permanent position
Sydney location
Large-scale consultancy

This global top-tier large-scale consultancy is looking for a SOC Analyst to join its expanding team and help build local SOC response capabilities. The Global Security Office (GSO) is actively seeking a Security Operation Center Analyst to join its team. The selected individual will play a crucial role, working closely with the SOC Manager as a key member of the GSO.

The ideal profile is an experienced SOC Analyst with experience resolving 2nd- and 3rd-level incidents.

Role and Responsibilities:
Responsible for working in a global 24x7 Security Operation Center (SOC) environment, which consists of an in-house and an outsourced SOC.
Perform real-time alert monitoring and service/respond to the ticket management queue.
Provide Incident Response (IR) support when analysis confirms an actionable incident from the outsourced SOC and/or internal systems.
Provide analysis and trending of security log data from a large number of heterogeneous security devices across different layers.
Provide threat and vulnerability analysis with recommendations.
Investigate, document, and report on information security issues and emerging trends.
Analyze and respond to previously undisclosed software and hardware vulnerabilities.
Integrate and share information with other analysts and teams.
Participate in security projects, collaborating with stakeholders as needed.
Able to participate in a weekend on-call rotation.
Other tasks and responsibilities as assigned through the ticketing system.

Qualifications:
Bachelor's degree in a related field (Security, Forensics or Computer Science is preferred).
At least 4 years of experience as a security analyst or incident handler/responder within security operations (SecOps or SOC).
Excellent knowledge of security methodologies and processes (such as the Kill Chain and Diamond models, the MITRE ATT&CK framework and SANS).
Excellent knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, CASB, proxies, network behavioural analytics, endpoint and cloud security).
In-depth knowledge of the TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP protocols, network analysis, and network/security applications.
Good knowledge of information security frameworks and standards (such as ISO 27001, NIST CSF, etc.).
Very good knowledge of common malware threats and attack methodologies.
Professional certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP or other equivalent certifications are highly desirable.

If you're interested, please submit your resume by hitting the APPLY NOW button, or send your resume to ******.