Our Security practice is growing and we are looking for a Level 2 SOC Analyst to focus on engineering and analysis within the LAB3 SOC.
The role:
- Provide a fundamental role within the SOC team for Level 2 cyber security analysis and SIEM development, working alongside other security engineers and analysts. Support the delivery of security services for both LAB3 and clients, covering cyber event handling as well as the implementation, uplift and maintenance of the SIEM.
- Cyber security event handling.
- Conduct SIEM engineering tasks via code (KQL).
- Assist in maintaining the SOC Documentation (SOC Wiki).
- Work with internal teams to analyse, troubleshoot and respond to potential threats where necessary, using Azure Sentinel, Azure Log Analytics and Azure Security Center.
- Adopt best practices in cyber security across the network through demonstrated expertise in Azure Cloud, wireless technologies, platforms and offerings.
The right candidate:
- Experience in a SOC (Security Operations Centre) for a minimum of 2 years is required, preferably as both an analyst and SIEM support (development/maintenance).
- Investigative skills and techniques. Demonstrate an ability to perform incident investigation and triage confidently.
- Working experience with a SIEM - Azure Sentinel (preferred), Splunk or Elastic.
- Availability to work on a rotating On-Call roster.
- Coding ability, relevant to SIEM and query language (KQL preferred).
- Understanding of detection rules, including reporting false positives and raising tuning requests.
- Experience in understanding and abiding by Cyber Security Privacy Policies.
- Experience in SOC documentation and maintenance - help maintain the SOC Wiki.
- Cyber Security relevant degree is highly advantageous.
- Familiarity and understanding of SOC framework methodologies - MITRE ATT&CK (preferred) / Kill Chain.
- Experience with the automation and orchestration of Cyber Security Operations (SOAR).
- The ability to prepare and present weekly and monthly security updates to clients and talk through recommendations and observations.
Desirable Technical skills and experience:
- Understanding DevSecOps methodologies and processes (Desirable).
- Experience across cloud security technology, Azure Security Centre and Azure Sentinel (preferred) is highly desirable.
- Experience using multiple programming languages such as Bicep or Python (Desirable).
- Experience operating within tools such as GitHub or Azure DevOps (Desirable).
- Experience operating enterprise scalable security automation tools and services (Desirable).
- Knowledge of threat intelligence disciplines, tools and frameworks within Cloud Security (Azure preferred) is desirable.
- Hands-on delivery experience of security modernisation across business technology transformations (delivery of major business solutions into production) is desirable.
- Understanding of Network Security Groups, Gateway Security, Azure Application Gateway, Endpoint Protection, Privileged Access & Vulnerability Management (Desirable).
- Experience communicating security-related matters with individuals, teams or business units on medium to high complexity subjects (Desirable).
- Understanding of providing delivery across multiple cyber security domains, including the implementation of architecture in large organisations leveraging balanced cloud and hybrid solutions (Desirable).
- Azure certifications: AZ-500 Microsoft Azure Security, MS-500 Microsoft 365 Security Administration (Desirable).
Learn more on our career growth framework: https://lab3.atlassian.net/wiki/x/H4G9Y
What's in it for you?
- Become part of Australasia's largest Azure engineering practice that focusses on cutting-edge tech and innovation #thinkahead
- Be part of a company that is leading the way in specialised areas and partnering on high profile client projects #winwithus
- Work with a 13 time Gold, 7 time Microsoft Advanced Specialisation & 5 time Microsoft Solutions Partner. You only get to this level with the industry's leading tech professionals - we are proud to have some of the best. #teamup
- Thrive in a team that is always learning, innovating and making waves in the security field - excellent opportunities for career progression within the company. #standout
- Be part of a supportive working environment that values inclusion, flexibility, diversity and differences. #betrue
- We work flexibly and recognise the importance of your overall wellbeing! Flexible, hybrid work environment #Flexit!
- Ultimately, we will help you to fear less, achieve more in a fast paced, innovative and cool environment - are you ready to accept the challenge? #fearlessachievemore
- Ranked in the LinkedIn Top Startup list for 3 years in a row - 2020 (#3), 2021 (#17) and 2022 (#11)!
- Certified Great Place to Work
Apply now to be considered for this amazing career opportunity and make a difference!