Cyber Security Analyst

OUR BENEFITS

In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities, Thales Cyber can offer you:
• Competitive remuneration structure
• Hybrid and flexible working options under the Thales Flex program
• Paid parental leave and family support through Parents at Work
• The day off on your birthday each year
• Novated Lease options
• Ongoing personal and professional development opportunities
• Sonder – Wellbeing & Support Partner

ABOUT THALES

Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty, and organisations to preserve their strategic autonomy.

Thales is a global leader in cybersecurity - no.1 in data security - with 6,000+ experts and developers. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as vital sectors such as aerospace, critical infrastructure, defence and space.

YOUR ROLE

As a Cyber Security Analyst, you will play a key role in protecting Thales Australia’s systems, networks, data, and users through proactive monitoring, investigation, and response to cyber security threats. Operating within the Security Operations Centre (SOC), you will contribute to the ongoing enhancement of detection, monitoring, incident response, and cyber resilience capabilities across enterprise, cloud, identity, endpoint, and data environments.

You will work closely with internal IT teams and stakeholders to identify, investigate, and respond to cyber security incidents while continuously improving detection capabilities and operational effectiveness across the security landscape.

YOU’LL

• Monitor, triage, and investigate security alerts across enterprise, cloud, identity, endpoint, and data environments
• Identify, analyse, and respond to cyber security incidents in line with established policies and procedures
• Conduct threat hunting and investigative activities to identify anomalous or malicious behaviour
• Support containment, remediation, and recovery activities alongside IT and business stakeholders
• Operate and support SOC tooling including SIEM, EDR/XDR, monitoring, and incident response technologies
• Contribute to the development and optimisation of automated investigation and response workflows
• Investigate identity-related security events including account compromise, privilege misuse, and unauthorised access
• Support data protection and compliance-driven investigations using security and governance tooling
• Improve detection effectiveness through alert tuning, use-case refinement, and onboarding of new telemetry sources
• Produce clear and accurate incident documentation and communicate findings to both technical and non-technical stakeholders

WHAT YOU’LL BRING

• Experience working within a Security Operations Centre (SOC) or similar operational cyber security environment
• Hands-on experience with Microsoft Sentinel for monitoring, investigations, hunting, alert tuning, and dashboard development
• Strong knowledge of Microsoft Defender technologies including Defender for Endpoint, Defender for Identity, Defender for Cloud, and Defender for Office 365
• Experience leveraging Microsoft Purview for data security, insider risk, or compliance-related investigations
• Strong understanding of threat detection and response methodologies, including MITRE ATT&CK
• Experience with SIEM and log analytics platforms across endpoint, identity, network, cloud, and email environments
• Experience investigating endpoint-based security incidents using EDR/XDR technologies
• Practical understanding of IAM concepts including privileged access, account compromise, and lateral movement scenarios
• Strong analytical, investigative, and problem-solving capability with high attention to detail
• Ability to work collaboratively within a geographically dispersed SOC environment

WE ENCOURAGE YOU TO APPLY

After you have applied, you will receive an email acknowledging your application. We’ll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police and depending on the role type, medical checks as well.

As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance. To learn more about clearances please visit – http://www.defence.gov.au/AGSVA/

#LI-PD1