Position Overview
We are seeking a proactive Cyber Security SOC Analyst to join an enterprise-level Security Operations Centre. In this role, you will be the first line of defence, responsible for the continuous monitoring, identification, and triage of security threats across a diverse digital landscape including cloud environments, enterprise applications, and complex network infrastructure.
You will combine technical expertise in threat detection with a disciplined approach to incident response, ensuring our security posture remains resilient against evolving cyber threats.
Core Responsibilities
- Threat Detection & Triage: Actively monitor and evaluate alerts generated by SIEM, SOAR, EDR, and cloud-native security tools to identify potential breaches.
- Incident Investigation: Deep-dive into suspicious activities across identities, endpoints, and networks to assess impact and urgency.
- Escalation & Response: Provide high-quality analysis and actionable recommendations when escalating verified threats to senior responders.
- Forensic Support: Assist in the early stages of evidence collection to facilitate containment and detailed post-incident forensic analysis.
- Application Security: Monitor application-layer events and collaborate with DevOps teams to patch vulnerabilities and fix misconfigurations.
- Continuous Optimisation: Assist in refining detection logic, tuning SIEM rules, and developing automated workflows to reduce "noise" and improve response times.
- Vulnerability Management: Review assessment reports, validate security flaws, and monitor the progress of remediation efforts.
- Governance & Documentation: Maintain accurate incident logs, update operational runbooks, and ensure alignment with NIST, ISM, and ASD Essential Eight frameworks.
Required Skills & Qualifications
- Professional Experience: Proven track record in a SOC or incident triage role within large-scale enterprise or government sectors.
- Technical Stack: Proficiency with major SIEM platforms (specifically Microsoft Sentinel or Splunk) and exposure to XDR/SOAR technologies.
- Security Knowledge: Solid grasp of the OWASP Top 10, secure development lifecycles, and common attack vectors.
- Analytical Rigor: Ability to dissect complex logs and telemetry data to make informed decisions under pressure.
- Standards Proficiency: Familiarity with Australian security standards, including the ISM and ASD Essential Eight.
- Communication: Strong interpersonal skills to bridge the gap between technical security findings and operational stakeholders.
- Cloud Expertise: Practical experience securing Azure (preferred), AWS, or GCP environments.
- AppSec Tooling: Exposure to SAST, DAST, or SCA testing methodologies.
- Certifications: Industry-standard credentials such as Security+, CCNA Security, or Microsoft Cybersecurity Analyst.
- IR Experience: Hands-on experience navigating the full incident lifecycle, from initial detection through to eradication and recovery.
If you are interested in this role or have the relevant experience, please apply or send your CV to jorden.ortez@randstaddigital.com.au
At Randstad, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.
