Applications Close: 22nd June 2025

Join us on our mission to unlock Australia’s technological advantage

What is the opportunity for you?

At UBH Group, we partner with clients to secure their digital environments and protect against evolving cybersecurity threats. The Security Operations Centre Level 2 Analyst, as part of a team, is responsible for ensuring that managed security clients are secure and cyber threats are detected, responded to and mitigated. This role will work mostly within Microsoft cloud-native environments. The primary focus of this role is to ensure the triage and analysis of security events, be the senior incident investigator and ensure that SOC operations follow best practices and evolve. The secondary, but critical contribution of the role, is to assist with the management of detection and SOAR platforms and the detection lifecycle. As an experienced SOC operator, support will be expected to be provided to other business functions, including to the internal CISO and other technology areas. Effective communication with project and service delivery managers is key to ensuring individual and client needs are met.

What You Will Do

Triage, Investigation, and Response:

Perform SIEM-based event analysis, triage, and prioritisation.

Conduct correlation and analysis to identify successful and potential intrusions or breaches using Microsoft cloud-native enterprise security suite.

Provide tactical response and mitigation recommendations.

Scope impact, communicate findings, and lead investigative efforts to reach assessments.

Generate reports for high-severity incidents and make recommendations for improvement.

SOC Procedure Development and Continual Improvement:

Lead the development of SOC procedures and actively participate in continual improvement initiatives.

Mentor Level 1 Analysts to enhance their skills and contribute to the overall improvement of the SOC team.

Collaborate with engineering to improve SIEM/SOAR actions, alert fidelity, and upstream security configurations.

Collaboration and Customer Engagement:

Develop successful working relationships with colleagues and build trust with clients.

Assist others in the service delivery team with all facets of customer engagement and problem resolution.

Maintain an understanding of emerging threats to clients and contribute to developing the team’s awareness.

Professional Development:

Lead the development of your own SOC skills and contribute to the improvement of others through mentoring and knowledge sharing.

What You Need to Succeed

To secure this opportunity, you will have / be:

Experience:

Demonstrated education in cybersecurity fundamentals.

Proven experience as a Level 1 SOC Analyst.

Two to four years’ experience in an operational SOC/IR team, not consulting.

Proven experience and interest in detection engineering.

Demonstrated ability to operate in positions of trust and receive recommendations.

Technical Skills:

Proficient in alert triage, investigations, and security case management.

Skilled in using SIEM, XDR, and EDR technologies.

Broad working knowledge of cloud, application, and network security technologies found in cloud-first environments.

Extensive understanding of incident response frameworks and procedures.

Ability to provide incident reporting and explain technical details clearly to both technical and non-technical audiences.

Working knowledge of incident management practices.

Broad understanding of the cyber-attack chain, including multiple attack scenarios and associated mitigations.

Analytical Skills:

Strong analytical and problem-solving skills with the ability to think critically under pressure.

Skilled in evaluating the effectiveness and efficiency of operational and cybersecurity practices, ensuring compliance with organisational requirements.

Expertise in providing actionable recommendations to enhance internal controls and ensure operational efficiency and security.

Organisational Skills:

Strong organisational skills to manage multiple tasks in a fast-paced environment.

Collaboration:

Fosters a cooperative and productive environment by working effectively across teams and accounts.

Communication Skills:

Demonstrates strong communication skills, clearly conveying information through various channels to ensure all parties are informed and aligned.

Preferred for This Role

Recent completion of Microsoft security education is desirable.

Operational Level 2 Analyst training equivalent (CySA+, BLT1, SANS).

Completion of penetration testing training or experience.

Microsoft Sentinel/SOAR and E5 Defender suite.

Experience with vulnerability scanners.

Hands-on experience with any SOAR technology.

Current Baseline security clearance.

What We Offer

Competitive Salary and Benefits: Enjoy a competitive salary and comprehensive benefits package.

Flexible Working: Benefit from hybrid and flexible working arrangements.

Positive Environment: Work in an innovative, inclusive, and collaborative setting.

Development Opportunities: Access continuous learning and professional development.

Employee Support: Utilise our Employee Assistance Program.

Financial Benefits: Take advantage of salary sacrificing options.

How to Apply

To apply please submit your resume and a cover letter (maximum 2 pages) outlining your skills and experience relevant for this role - we look forward to hearing from you.

Candidates must also:

Have the ability to obtain and hold a Baseline security clearance.

Be an Australian Citizen.

Be prepared to undertake pre-employment checks.