SOC Engineer – Security Operations Centre (Perth)

About the role

We are seeking a technically strong SOC Engineer to join a mature Security Operations Centre in Perth. You will focus on real‑time threat monitoring, detection engineering, and incident response while helping to transition the SIEM platform from Splunk to Microsoft Sentinel.

Key responsibilities

• Continuously monitor, triage and analyse security events across the enterprise.
• Engineer, tune and optimise use cases, correlation rules and analytics in Microsoft Sentinel.
• Conduct incident detection, investigation, root‑cause analysis and remediation.
• Monitor and optimise security controls for endpoint, network, identity and cloud telemetry.
• Leverage threat intelligence to improve detection accuracy and reduce false positives.
• Support the migration and optimisation of SIEM pipelines from Splunk to Sentinel.
• Align SOC processes with the NIST Cybersecurity Framework and incident‑response best practices.

Required profile

• Proven experience working in a Security Operations Centre.
• Strong hands‑on expertise with SIEM platforms such as Microsoft Sentinel or Splunk.
• Solid understanding of the incident‑response lifecycle, including containment, eradication and recovery.
• Familiarity with the MITRE ATT&CK framework and threat‑hunting techniques.
• Experience monitoring hybrid/cloud environments, preferably Azure.
• Knowledge of NIST frameworks and defensive security controls.

Required skills

• Microsoft Sentinel
• Splunk
• Azure cloud platform
• SIEM design and operation
• Incident response
• MITRE ATT&CK
• NIST Cybersecurity Framework
• Threat intelligence integration
• Endpoint, network, identity and cloud security monitoring
• Detection engineering and use‑case development