Lead SOC Security Analyst

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.

From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries – and working together to build a future we can all trust.

OUR BENEFITS

In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities,

Thales Cyber can offer you:
• Competitive remuneration structure
• Hybrid and flexible working options under the Thales Flex program
• Paid parental leave and family support through Parents at Work
• The day off on your birthday each year
• Novated Lease options
• Ongoing personal and professional development opportunities
• Sonder – Wellbeing & Support Partner

ABOUT THALES

Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty and organisations to preserve their strategic autonomy.

Thales is a global leader in cybersecurity — no.1 in data security — with more than 6,000 experts and developers worldwide. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as critical sectors such as aerospace, defence, critical infrastructure and space.

YOUR ROLE

As a Lead SOC Security Analyst at Thales, you will play a key role in delivering managed security services from our Security Operations Centre (SOC). You will provide hands-on technical leadership and guidance to SOC Analysts while actively monitoring, investigating, and responding to cyber security threats across client environments.

Working closely with the SOC Analytics Manager, you will support day-to-day SOC operations, ensure service levels are met, and contribute to the continuous improvement of security monitoring and incident response capabilities.

YOU’LL

• Provide hands-on technical guidance and mentoring to SOC Security Analysts
• Actively monitor, analyse, and investigate security events using SIEM and associated tools
• Participate in end-to-end incident response activities, providing SME support where required
• Support adherence to SLAs through timely detection, analysis, and response to incidents
• Conduct targeted threat hunting to identify hidden threats and potential vulnerabilities
• Support the tuning and maintenance of SIEM alerts, correlation rules, and dashboards
• Assist with incident escalation and handover to Digital Forensics and Incident Response (DFIR) teams
• Contribute to the development and refinement of SOC procedures and playbooks
• Identify and suggest opportunities for operational improvement and automation
• Maintain awareness of emerging threats and attack techniques and share insights with the SOC team
• Assist with the preparation of incident and post-incident customer reports

WHAT YOU’LL BRING

• Minimum 5 years’ experience in cybersecurity, including at least 2 years within a SOC environment
• Strong hands-on experience with SIEM, SOAR, and EDR technologies
• Proven experience supporting or leading security incident response activities
• Solid understanding of SOC operations, incident response, and threat intelligence workflows
• Experience providing technical guidance or mentoring to junior analysts
• Strong analytical and investigative skills, with the ability to work under pressure
• Excellent written and verbal communication skills, including incident reporting
• High attention to detail and a structured approach to security operations
• Experience with Microsoft and/or Google security tooling (desirable)
• Professional certifications such as GCIH, GSOC, CySA+, CISSP (advantageous)

WE ENCOURAGE YOU TO APPLY

After you have applied, you will receive an email acknowledging your application. We’ll then provide a personalised experience for suitable applicants as we progress through the selection and assessment process. Prior to being offered employment, you will be required to complete pre-employment checks, including police and medical checks where applicable.

As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance. To learn more about clearances, please visit http://www.defence.gov.au/AGSVA/.

#LI-PD1

It’s easy to dismiss the perfect opportunity if you don’t see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We’re committed to supporting a diverse workplace, and that starts here.

We’re proud to be endorsed by WORK180 as an Employer for All Women, but we know there’s always more we can do. We’ll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.

Read more about our WORK180 endorsement.