Job Description

The Missing Link is currently seeking an experienced and driven Principal Security Analyst (SOC Manager). The Principal Security Analyst will lead the Security Operations Centre (SOC), providing Level 3 support for our managed services customers and acting as the final technical point of escalation within the SOC. This includes providing phone, email, remote access and occasionally face-to-face support. Responsibilities include incident logging and ownership (with detailed notes), creating correlation rules on managed SIEM clients, managing escalations, incident investigations and ensuring that Service Level Agreement (SLA) response and resolution targets are met. Flexibility with shift rotations is required, as the SOC provides 24x7x365 analyst attendance. Responsibilities also include the management and implementation of change requests, configuration changes, technical report writing and software updates.

The Principal Security Analyst will need to be proficient in monitoring and analysing logs and events from a multitude of sources, using systems such as SIEMs, log analysers and threat intelligence sources to determine whether those events constitute a genuine security incident. In such cases the Principal Analyst will act as the lead incident responder.

The Principal Security Analyst will work in a supportive team environment with exposure to cutting-edge technologies. There is considerable room for development within this role, as training will be provided across a broad range of security technologies and industry certifications.

All Analysts within the SOC will report directly into the Principal Security Analyst.

About Us

Since launching our Security business in September 2013 we have gone from strength to strength, and below are just a few of our highlights:

- Grown from 2 to 60+ staff

- We've won many awards, including:

  • FireEye Sales Excellence (2015)
  • FireEye Emerging Partner of the Year (2015)
  • Fortinet Australian Rookie of the Year (2016)
  • #19 on BRW Fast Starters (2016)
  • #1 on CRN Fast 50 (2016)
  • CRN MVP (2015 and 2016)
  • Westpac Business of Tomorrow (2017)
  • Carbon Black Innovative Partner of the Year (2018)
  • ARN Channel Choice Partner of the Year (2018)
  • #7 on AFR Fast 100 (2018)

- We have one of the largest teams of Consultants (Penetration Testers) in the country, all certified at OSCP level; some also hold OSCE and CREST certifications, and one holds the OSEE, the highest-level Offensive Security certification

- Our company is CREST certified at the highest level

- We have certified Sales Executives, Architects, Engineers & Analysts in a variety of our strategic security vendor products

We have strong partnerships with many leading vendors covering a vast array of security solutions. We launched our Security Operations Centre in April 2018, which has significantly improved our managed services capability. We are currently the only MSSP within Australia to have successfully created and delivered a full managed service around the ASD Top 4 and Essential Eight, namely ASD 4/8 as a Service. This offering clearly demonstrates our ability to innovate and solidifies our place as a leading Australian security service provider.

If you would like to be part of our journey and achieve your career aspirations and objectives, please apply for this strategically important role!

Requirements

Required Skills & Experience

The ideal candidate will have 5+ years of experience working with systems, networking and security technologies, including at least 3 years as a Senior Security Analyst or in an equivalent role. The candidate will be required to demonstrate the following skills and proficiencies:

  • 1-3 years of working experience in a System/Network Administrator role or equivalent
  • 3+ years of working experience as a Senior Security Analyst with demonstrated triage capability
  • 3+ years of working experience within a Security Operations Centre (SOC) environment
  • Experience with leading a team of Analysts within a SOC
  • Thorough understanding of and expertise with the TCP/IP stack
  • Hands-on security knowledge of Windows/Linux/Unix platforms
  • Experience with threat-hunting tools and SIEM solutions (e.g. AlienVault, ArcSight, Exabeam, IBM QRadar, LogRhythm, McAfee ESM, Rapid7 IDR, Splunk)
  • Expertise in troubleshooting and managing firewall technologies (e.g. Check Point, Cisco, Fortinet, Palo Alto)
  • A demonstrated knowledge of IT security controls associated with firewalls, email, web, endpoints, operating systems, IPS/IDS, cryptography, networks etc.
  • A deep understanding of the attack chain and threat vectors
  • Experience and understanding of vulnerability