Senior Security Operations Analyst / Assistant Security Operations Manager

Assist the Security Ops Manager, handling daily operations, data security engineering, and enforcing information security compliance.

Sydney CBD
Operational knowledge of data loss prevention and forensics technologies
Demonstrated expertise with endpoint detection and response technologies
Perm role | Hybrid working

About the Role

Responsible for the protection of data, information security engineering and the implementation and monitoring of compliance with information security policies and procedures. The Senior Security Operations Analyst / Assistant Security Operations Manager plays a key role in supporting the organisation's cyber defence capabilities. Working within the Security Operations Team, the analyst is responsible for the day-to-day monitoring, triage, and escalation of security events, as well as supporting incident response activities and maintaining key operational processes and tools. This role contributes to the broader security posture by ensuring timely detection and reporting of cyber threats, supporting process improvement initiatives, and maintaining high standards of documentation and coordination across the team.

Benefits

A corporate wellbeing program with subsidised gym membership, free flu vaccinations and health check programs
17.5% annual leave loading
Comprehensive learning and development support aligned to icare's Core Capabilities
Our People Awards - On-the-spot Recognition, Quarterly Values Awards & Our People Annual Awards
Access to our Employee Assistance Program

Duties

It's an exciting time at icare where no two days are the same; as a Senior Security Operations Analyst you will:

Perform the investigation, containment and resolution of major or complex security incidents.
Support analysis of security alerts, threat intelligence, and anomalous activity across networks, endpoints, and cloud environments.
Support the Management and Coordination of the Security Operations Team with regard to the Security Operations Centre Management, responsible for the daily assignment and first response triage of tickets. This includes working alongside the Managed Security Services Provider and coordinating the daily review of security tickets and incidents.
As a Senior Team Member, actively work to develop and train other Team Members on task execution and developing and improving Playbooks as required.
Represent the Security Operations Management Team in internal and external meetings as required (based upon management availability and demand).
Develop and refine detection use cases and correlation rules in SIEM and XDR platforms.
Monitor and respond to SIEM alerts for indications of potential cyber security events and incidents.
Perform in-depth analysis of cyber security events and incidents to determine the root cause, impact, and appropriate remediation actions.
Perform threat hunting and proactive defence initiatives using data-driven techniques and behavioural analytics.
Drive continual improvement of security monitoring capabilities, incident response playbooks, and SOC processes.
Partner with technology and business units to ensure threat detection coverage and risk mitigation across new and existing platforms.
Support uplift of tooling and automation within the SOC, including SOAR implementation and integration.
Support incident post-mortem reviews and ensure lessons learned are applied to harden systems and processes.
Act as a technical escalation point and mentor to other analysts in the Security Operations Centre.
Mentor junior analysts and contribute to capability uplift across the cyber function.
Maintain strong awareness of the evolving threat landscape and ensure proactive response to emerging risks.
Ensure alignment with organisational security frameworks, policies, and compliance obligations (e.g. CPS 234, ISO 27001, NIST).

Skills & Experience

Minimum 6+ years of experience in cyber security operations or technical security roles within large or complex organisations.
Operational knowledge of data loss prevention and forensics technologies.
Demonstrated expertise with endpoint detection and response technologies.
Considerable technical expertise operating a SIEM and performing log analysis of various formats.
Expert knowledge of IT Security principles/practices across infrastructure & applications.
Worked within a SOC environment.
Outstanding written, presentation and interpersonal communication skills.
Ability to present technical evidence clearly and in a manner suited to a non-technical readership.
Experience in responding to and investigating cyber security incidents and events.
Experience of cloud security technologies and practices.
Experience handling high-severity security incidents and complex threat scenarios.
Experience working in or closely with enterprise SOC or MSSP environments.
Experience in governance frameworks and compliance environments (e.g. CPS 234, Essential Eight, NIST, ISO).
Demonstrated ability to operate independently with sound judgement, accountability, and integrity.

Culture

We know our strength comes from the diversity of our people and would encourage people with different experiences and backgrounds to apply. We are committed to our people's development so the people of NSW can thrive.

About the Company

Our purpose is to care for the people of New South Wales, building confidence and trust so our communities can thrive. As NSW's agency of insurance and care, in the past year we insured 338,000 businesses, covering four million workers and supporting 92,000 workers with injuries. We cared for over 1,800 people severely injured on our roads and supported more than 5,450 impacted by a dust disease.
We helped 775 homeowners, insuring $20.9 billion in residential projects, and continue to protect $436 billion in NSW Government assets including iconic landmarks the Sydney Harbour Bridge and Opera House. icare continues to refine and transform how we deliver services to improve experiences for those we serve.

For more information about icare, visit our website.
icare operates a direct sourcing model, so no agency introductions will be accepted.
We are a Circle Back Initiative Employer: we commit to respond to every applicant.
A talent pool may be created through this recruitment process.
If you are an employee of icare, please apply via Hugo to submit your application. We want to support you with the next step in your career.
Please note that you must be an Australian citizen, permanent resident of Australia, New Zealand citizen with a current New Zealand passport or have unrestricted working rights to apply for this role.

Job Title
Senior Security Operations Analyst / Assistant Security Operations Manager