Lead SOC Security Analyst

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.

From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries – and working together to build a future we can all trust.

Thales Cyber Premium Services (CPS) is seeking an experienced and highly motivated Lead SOC Security Analyst to play a critical role in delivering managed security services from our Security Operations Centre (SOC). The successful candidate will be responsible for leading a team of Security Analysts to assist in actively monitoring, investigating, and responding to security threats.

The successful candidate will have a strong background in cybersecurity and SOC operations, as well as a proven track record of leading, technically coaching and developing teams. As a Lead SOC Security Analyst you will work closely with the SOC management team to maintain adherence to SLAs, ensure a high standard of technical delivery of services, and assist with the professional growth of the team.

Accountabilities

• Lead a team of our teams of Security Analysts through coaching and development, providing guidance, mentorship, and support to enhance their technical and analytical skills

• Analyse security data, including logs, network traffic, and threat intelligence, to identify patterns, trends, and anomalies indicative of potential security incidents or threats

• Collaborate with the SOC Manager to drive the technical direction of the SOC, ensuring the implementation of best practices, processes, and technologies to enhance the team's efficiency and effectiveness

• Monitor and maintain adherence to SLAs, ensuring the timely and accurate detection, analysis, and response to security incidents and threats

• Assist in the development and implementation of SOC policies, procedures, and standards, ensuring alignment with the organisation's security strategy and goals

• Collaborate with other SOC and security leaders to share knowledge, insights, and best practices, promoting a culture of continuous improvement and innovation

• Identify opportunities for process improvement and automation, recommending and implementing solutions to streamline SOC operations

• Building and maintaining strong relationships with peers and clients

• Conduct advanced threat hunting activities, proactively searching for signs of compromise, hidden threats, and potential vulnerabilities within client’s environment

• Assist with the design, implementation, and fine-tuning of security analytic and correlation rules, alerts, and dashboards in the SIEM and other security tools to enhance the SOC team's visibility and response to emerging threats

• Collaborate with the SOC team to investigate and respond to security incidents, providing Subject Matter Expert (SME) guidance on the analysis and interpretation of security data

• Stay up to date on emerging threats, attack vectors, and vulnerabilities, sharing findings with the SOC team and using this information to inform the development of new security analytics techniques and strategies

• Conduct thorough handovers of security incidents to the Digital Forensics and Incident Response (DFIR) team

• Assist DFIR team with monitoring and investigation of security incidents on an as needed basis

• Collating data to write and review customer reports, including post incident reports, to a high standard
   

Skills and Experience

• Self-starter with a strong sense of ownership and the ability to work independently or collaboratively as needed

• Demonstrated capacity to multitask and manage competing priorities effectively

• Excellent communication, presentation, and interpersonal skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences

• Detail-oriented with a strong commitment to documentation, process improvement, and knowledge sharing

• Strong problem-solving and decision-making skills, with the ability to work under pressure

• Ability to learn new technologies and tools quickly

• Ability to develop and deliver training or speaking material for public and private events

• An empathetic leader with the ability to work under pressure, prioritise tasks, and manage both your team’s and your own time efficiently

• Ability to speak about security confidently and accurately and to recommend security controls to experienced security professionals and executives

• Ability to work as a team with decisions made to support moving toward common goals

• Flexibility and motivation to work across several types of engagements
   

Preferred Experience

• Minimum of 5 years of experience in cybersecurity, with at least 2 years within a SOC

• In-depth knowledge and experience with security tools and technologies, such as SOAR, SIEM, and EDR

• Knowledge and experience in the Microsoft or Google security suites is highly desirable

• Experience and confidence in managing security incidents from end-to-end

• Experience and confidence in client facing roles

• Strong understanding of security operations, incident response, threat intelligence, and other key functions

• Professional certifications are an advantage (i.e. CISSP, GREM, GCIH, GSOC, CompTIA CySA+)

Benefits

• Opportunities to undertake technical training and secure industry recognised certifications

• Flexible working arrangements

• Opportunities to work with some of the best cybersecurity professionals in the region, and to grow and develop your career

• Joining a team of highly skilled and multi-cultural security professionals
   

If the above resonates with you and you would like to join a dynamic, fast-growing team of SOC Security Analysts, apply now with your CV and a cover letter outlining why you'd be a great fit for the role.

It’s easy to dismiss the perfect opportunity if you don’t see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We’re committed to supporting a diverse workplace, and that starts here.

We’re proud to be endorsed by WORK180 as an Employer for All Women, but we know there’s always more we can do. We’ll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.

Read more about our WORK180 endorsement.