Posted Jul 12, 2026

SOC Analyst Canberra (Remote)

Apply Now →
About the position Join our Australian SOC team as a SOC Analyst. In this role, you will be the "engine room" of our security operations, moving beyond basic alert monitoring to lead deep investigations across a diverse range of client environments in Asia Pacific (APAC). You will work with a world-class security stack and have the autonomy to hunt for threats and recommend custom detections. Responsibilities • Lead investigations into complex security alerts utilising Splunk, Microsoft Sentinel, and SentinelOne SIEMs. • Execute rapid containment and remediation actions using CrowdStrike Falcon, Microsoft Defender for Endpoint, and SentinelOne EDR. • Optimise detection rules using KQL and SPL to enhance our proactive defence posture. • Support regular threat hunting activities based on the MITRE ATT&CK framework to uncover hidden malicious activity. • Produce detailed incident reports for technical and executive stakeholders. • Understand data-loss prevention in the context of Security Operations. • Participate in paid on-call roster every 3 weeks. Requirements • 2–4 years in a SOC or high-pressure security operations environment. • Hands-on proficiency in Splunk, Sentinel, CrowdStrike, and Microsoft Defender. • Strong understanding of TCP/IP, Windows/Linux internals, Cloud Security and common attack vectors (Phishing, Ransomware, Living-off-the-Land). • One or more of the following: SC-200, Splunk Core Certified Power User, CompTIA CySA+, or SANS GCIH. • Ability to clearly articulate technical risks to non-technical client stakeholders verbally and/or via email and ticketing system. Nice-to-haves • Experience with other SIEM and EDR technologies highly regarded. Benefits • wellness programs • flexible working arrangements