Location: Sydney
Work rights: Must be authorised to work in Australia - no visa sponsorship available
Overview: A leading Australian cyber security services provider is seeking a highly experienced Senior Incident Response Analyst with strong Digital Forensics expertise to lead and execute incident response capabilities within a managed SOC environment.
This is a hands-on technical leadership role. You will oversee complex investigations, own IR governance and playbooks, coordinate cross-functional stakeholders during live incidents, and contribute to detection engineering across modern security platforms. The role supports a high-velocity MSSP SOC environment across multiple customers.
You will also mentor analysts, uplift team capability, and continuously improve SOC processes to deliver world-class services.
Key Responsibilities
- Lead and manage high-impact cybersecurity incidents through every phase of the lifecycle - detection and analysis, containment, eradication, recovery and post-incident review
- Conduct detailed digital forensic investigations across endpoints, servers and cloud platforms while maintaining chain of custody
- Perform proactive threat hunting using behavioural analytics, threat intelligence and hypothesis-driven techniques
- Develop and enhance detection and hunting playbooks aligned to MITRE ATT&CK
- Conduct root cause analysis and adversary profiling
- Collaborate with SOC teams (L1-L3), customers and third parties during live incidents
- Deliver executive-level incident reports and lessons learned
- Facilitate tabletop exercises and incident response simulations
- Partner with engineering teams to optimise SOAR automations
- Mentor and coach junior analysts
- Support critical incidents, including occasional after-hours response
Essential
- 5-8+ years in cyber security with a strong focus on incident response and/or digital forensics
- Hands-on forensic investigation experience (endpoint, server, network and cloud - AWS, Azure, GCP)
- Experience investigating ransomware, advanced threats, cloud breaches or APT activity
- Strong log analysis and detection engineering capability
- Solid understanding of the NIST incident handling methodology (SP 800-61) and MITRE ATT&CK
- Experience writing incident reports and executive summaries
- Experience developing IR playbooks
- Strong stakeholder communication skills
Desirable
- Experience within an MSSP or SOC environment (L2/L3)
- SOAR/automation experience
- Exposure to regulated industries
- Experience mentoring analysts
