Security Operations Analyst - Canberra, Australian Capital Territory

The Security Operations Analyst role encompasses advanced monitoring, investigation, and incident response functions, along with threat‑hunting operations, intelligence analysis, vulnerability management, and contributing to security engineering initiatives. You will strengthen c ...

Job description

The Security Operations Analyst role encompasses advanced monitoring, investigation, and incident response functions, along with threat‑hunting operations, intelligence analysis, vulnerability management, and contributing to security engineering initiatives. You will strengthen cyber resilience, manage complex security incidents, and enhance SOC processes and tooling in alignment with ISM, MITRE ATT&CK, and SOC‑CMM standards.

Details about the Client

ADF Careers is the largest workforce outsourcing solution in the southern hemisphere with over 80,000 applications received on average each year.

ADF Careers is on a mission to recruit the right people, in the right numbers, at the right time to support the Australian Defence Force to build, sustain and maximise Defence capability.

Our people are our greatest asset. We recognise and respect our people's need to work in ways that support their careers, families, and lifestyle. That's why we offer flexible working arrangements, learning pathways, additional leave entitlements and extensive corporate discounts across a variety of product and services. We want our people to be financially rewarded; to feel good and to go beyond what they thought possible at work.

Be you, and we'll be better together.

To find out more about our great employee benefits and what it's like to be part of the team, reach out to our friendly talent acquisition team.

Job Description

Reporting to the Cyber Security Technical Lead, you will be responsible for improving Adecco DFR organizational cyber resilience by responding to security incidents, proactively identifying emerging threats, enhancing detection and response capabilities, and delivering high‑quality intelligence reporting. In carrying out your duties, you will help shape and implement cyber security policies and procedures, and leverage your expertise to advise and guide IT functions across the broader organisation.

Key Responsibilities:

• Perform in-depth analysis of alerts and events escalated from Tier 1 analysts. This requires strong analytical skills with experience investigating security alerts across multiple platforms and data sources
• Lead end to end containment, remediation and recovery activities
• Identify and develop business threat detection use cases inline with a crown jewels analysis, SOC-CMM and MITRE ATT&ACK framework.
• Lead vulnerability management and remediation
• Develop post incident reports and drive remediations activities
• Perform security stack health checks and remediate coverage gaps
• Develop SOC Tier 1 process instruction and playbooks
• Develop and perform daily Sentinel Hunting query's and supporting dashboards
• Research daily emerging threats and corelate intelligence to detection capabilities
• Sentinel SIEM Administration and log onboarding
• Alert Engineering, tuning and hunting utilizing KQL
• Participate in internal and external cyber security exercises
• Identify and drive to completion security control, monitoring and process gaps
• Collaborate with It Operations streams to ensure effective resolution of security incidents and vulnerabilities

Candidate's Profile

Minimum 2 years' experience in a cybersecurity role with a strong understanding of the ISM and global security standards.

Bachelor's degree in Cyber Security, IT, Computer Science, Engineering, or Information Systems, Certificate IV in Cyber Security or relevant experience. Industry certifications such as Microsoft Security (SOC‑200, Azure Security Engineer Associate), EC-Council Certified SOC Analyst, GIAC Certified Incident Handler, or other security stack-specific certifications (Splunk, CrowdStrike, Tanium, McAfee, Cisco, Palo Alto) are highly desirable.

Your background will demonstrate:

• A passion for cyber security coupled with excellent written and verbal communication skills.
• Ability to work collaboratively within a SOC and with broader IT, security, and business teams.
• Strong analytical skills with experience investigating security alerts across multiple platforms and data sources.
• Demonstrated experience in Microsoft cloud security technologies or relevant EDR and SIEM technologies.
• Experience with query or scripting languages (e.g. KQL, SPL, SQL, PowerShell).
• Familiarity with threat intelligence platforms, vulnerability management and penetration testing concepts.
• Professional cyber security certification such as those provided by Microsoft, SANS or Offensive Security.
• Experience producing clear, accurate incident documentation and reports.

To apply for this position, you must be an Australian citizen and have the ability to maintain an Australian AGSVA security clearance.

How to apply

If eligible, please submit your resume; applications are open to all qualified Australian citizens regardless of their background, identity, experiences and beliefs.

If you need assistance during our recruitment process, please email Sahar Khalid at for a confidential conversation.

To apply for this position, please submit your application online through our designated platform. The deadline for applications is 11:30 PM (AEST) on 8th March 2026. It's important to note that applications will be reviewed and processed as they are received.