Job Title

OverviewSenior Security Operations Analyst role at icare NSW. Responsible for the protection of data, information security engineering and the implementation and monitoring of compliance with information security policies and procedures.The Senior Security Operations Analyst supports the organisation''s cyber defence capabilities within the Security Operations Team, handling day-to-day monitoring, triage, and escalation of security events, supporting incident response activities, and maintaining key operational processes and tools. This role contributes to the security posture by ensuring timely detection and reporting of cyber threats, supporting process improvement, and maintaining high standards of documentation and coordination across the team.ResponsibilitiesPerform the investigation, containment and resolution of major or complex security incidents.Support analysis of security alerts, threat intelligence, and anomalous activity across networks, endpoints, and cloud environments.Develop and refine detection use cases and correlation rules in SIEM and XDR platforms.Monitor and respond to SIEM alerts for indications of potential cyber security events and incidents.Perform in-depth analysis of cyber security events and incidents to determine root cause, impact, and remediation actions.Perform threat hunting and proactive defence initiatives using data-driven techniques and behavioural analytics.Drive continual improvement of security monitoring capabilities, incident response playbooks, and SOC processes.Partner with technology and business units to ensure threat detection coverage and risk mitigation across platforms.Support uplift of tooling and automation within the SOC, including SOAR implementation and integration.Support incident post-mortem reviews and apply lessons learned to harden systems and processes.Act as a technical escalation point and mentor to other analysts in the Security Operations Centre.Mentor junior analysts and contribute to capability uplift across the cyber function.Maintain awareness of the evolving threat landscape and ensure proactive response to emerging risks.Ensure alignment with organisational security frameworks, policies, and compliance obligations (e.g. CPS 234, ISO 27001, NIST).Skills & ExperienceMinimum 6+ years of experience in cyber security operations or technical security roles within large or complex organisations.Operational knowledge of data loss prevention and forensics technologiesDemonstrated expertise with endpoint detection and response technologiesExperience operating a SIEM and performing log analysis of various formatsExpert knowledge of IT security principles across infrastructure & applicationsExperience in a SOC environmentStrong written, presentation and interpersonal communication skillsAbility to present technical evidence clearly for non-technical readersExperience in responding to and investigating cyber security incidents and eventsExperience with cloud security technologies and practicesExperience handling high-severity security incidents and complex threat scenariosExperience working in enterprise SOC or MSSP environmentsExperience in governance frameworks and compliance environments (e.g. CPS 234, Essential Eight, NIST, ISO)Demonstrated ability to operate independently with sound judgement, accountability, and integrityCultureWe value diversity and encourage applicants from different backgrounds. We are committed to our people''s development so the people of NSW can thrive.About the Companyicare NSW cares for the people of New South Wales, building confidence and trust to help communities thrive. We support a broad range of services and protect significant government assets.For more information about icare visit our websiteicare operates a direct sourcing model so no agency introductions will be acceptedWe are a CircleBack Initiative Employercommitment to respond to every applicantA talent pool may be created through this recruitment processPlease note: Australian citizenship, permanent resident status, New Zealand citizen with a current NZ passport, or unrestricted working rights are required to apply. #J-18808-Ljbffr