Security Analyst Lead, Western Australian

As the SOC Operations Lead, you will be responsible for overseeing and coordinating the operational activities of the Security Operations Centre. This includes mentoring the Level 2 team, managing escalations, driving resolution of outstanding issues, and improving internal processes and standard operating procedures. Your focus on quality assurance and ability to effectively communicate will directly influence the security posture of our clients. 

The SOC Operations Lead works as a leadership member of the DefenceShield managed services team, liaising primarily with the SOC manager, technical team lead other Security Analysts at all levels, and where required with other members of the Defensive, Offensive, Advisory, SDM business units consultants, project coordinators, penetration testers and clients.  

The Triskele Labs SOC monitors and responds to threats and security incidents across our manages services client base on a 24x7x365 basis.  

Requirements

Specific activities, duties and deliverables include but are not limited to the following: 

• Monitor and respond to service desk tickets, ensuring timely resolution or escalation while adhering to SLAs.
• Identify opportunities to improve internal processes and Standard Operating Procedures (SOPs); write and review them regularly.
• Manage and configure security monitoring tools within the change control process, escalating as needed.
• Perform quality audits of analyst tickets in SIEM and EDR tools, ensuring accurate information for clients, and provide feedback to team members.
• Mentor Level 2 analysts, conduct weekly mentoring sessions, and support their skill growth.
• Continuously enhance skills through formal training, certifications, and participation in BTLO challenges.
• Review daily escalated tickets reports and manage client onboarding processes in collaboration with the Service Delivery Management team.
• Participate in the design and maintenance of SOC security architecture and manage escalation processes for new clients.
• Lead the creation of blog posts and Brown Bag talks, and actively engage in annual performance appraisals and feedback.
• Be available for out-of-hours escalations, respond promptly to hotline calls, and address client queries from monthly review meetings.
  

The following outlines the desired skills and knowledge a level one security analyst would have to be successful in their role. 

• Relevant Experience: Proven experience in a leadership role within a security operations or incident response environment, preferably in a SOC. Strong familiarity with security monitoring tools, SIEM solutions, and incident management systems is essential. 

• Operational Experience: Proven experience in development, implementation and continual improvement of SOC operational procedures and processes in line with industry best practice using the concepts and principles of Total Quality Management (TQM) systems and Six Sigma. 

• Technical Knowledge: Comprehensive understanding of networking protocols, operating systems, and common security technologies such as firewalls, IDS/IPS, antivirus, and endpoint protection 

• ITIL Knowledge: Familiarity with ITIL v4 framework and its application in a SOC environment. 

• Incident Response Skills: Proficient in incident response methodologies and best practices. Experience in incident management and escalation. 
  
  The below are the desired qualifications for the SOC Operational Team Lead position. 
• Bachelor of Computer Science (Cyber Security) 
• Master of Cyber Security 
• Professional certifications such as CompTIA CYSA+ and Blue Team Labs 2 (BTL2) are required for this role. 
• Professional certifications such as ITIL and CASP+ are desirable for this role. 

Benefits

Team culture is everything to Triskele Labs and it is the reason we exist.

We provide our team a great range of additional benefits such as:

• Additional days of leave for 'Birthday Leave' and 'Doona Day'
• Access to a professional external Employee Assistance Program (EAP) for all team members
• Social functions organised by our People & Culture Team

We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.