Senior SOC Analyst (XDR/MDR Engineer Specialist)

About Us

The Missing Link have been operating in Australia for over 25 years with offices in both Sydney and Melbourne. With over 180+ staff, you will be joining a highly successful team which is set to grow.

Our core offerings include cyber security, hardware and software, resiliency, cloud, communications, infrastructure, consulting services and managed services.

Our Security division is one of the fastest growing Cyber Security businesses in Australia and is split into three service areas:

• Red Team (Security Consulting & Penetration Testing)
• Solutions Team (Security Architecture & Engineering)
• Security Operations Centre (SOC)

We're recognised as industry leaders and accredited to the highest levels in the design, delivery, and support of the latest technologies. We partner with market-leading global and local vendors to deliver world-class business outcomes through IT transformation. Today, The Missing Link is one of the most awarded IT companies in Australia.

The Missing Link SOC has been delivering managed services for over 5 years, moving to a fully on-shore 24 x 7 operating model in October 2019. The SOC Team comprises of 3 teams, two technical (Security Analysts & SOC Engineers) and one Service Delivery Team. Currently 32 strong, our team is set to continue growing as we expand out our UK based team in 2023.

A Day in the Life

The Missing Link Security Operations Centre provides 24x7 Managed Detection & Response (MDR) support to our clients across a variety of sectors, namely Tier-1 FSI, Flagships Airlines, Global Retail, Healthcare and NFP. We have multiple strategic partners in the XDR technology space supporting our SOC Managed Detection & Response Service for over 3 years. We are regarded as one of the most certified and technically capable partners in APAC, with our relationships set to continue to grow in 2023 and beyond.

As a Senior SOC Analyst you will be the XDR & UBA Technical Specialist within The Missing Link. The role will be split into three strategic responsibilities:

• Pre-Sales & Deployment Specialist
• Operations Adoption Engineering & Post-Sales
• Internal Training & Enablement

Pre Sales & Deployment

You will be responsible for pre-sales support to The Missing Link Sales and Solutions Team for XDR/MDR opportunities. This will include, Platform Demonstrations, Proof of Concept Deployments and Deployment and Managed Service Scoping. Upon successful proposals, you will conduct Design workshops, deployment task such as Solution Component Installation, Event Source Integrations, Parser Building and Optimisation and As Built Documentation in preparation for handover to the Client or to our Internal SOC Team

Operations Adoption Engineering & Post-Sales

You will directly support The Missing Link SOC and Service Delivery Team as the Technical Subject Matter Expert relating to XDR & MDR Solution Components, Integrations, Parsers, Behavioural Models and Detection Rules. You will play a significant role in the Continuous Service Improvement Program for our current and future MDR Clients through the development of new use cases and implementation of new features and capabilities. You will assist our Service Delivery Team in Quarterly and Annual Business Reviews through collaboration with Vendor and The Missing Link Stakeholders.

Internal Training & Enablement

As the XDR & MDR Technical Subject Matter Expert you will lead the Internal Training Program for The Missing Link Solutions and SOC Team. This will include Deployment Project Handovers, Lessons Learned and Specialist Technical Topics such as Model and Detection Rule Development, Parser Tuning and more.

We believe in investing in and developing our people through a variety of training and education programs. When you first come on board, you’ll be given a structured training and development plan that is tailored to you and your previous experiences. This will include a combination of both Vendor Internal Training and Certification Courses alongside on the job training provided by The Missing Link Solutions and SOC Team based on our experience over the past 2 years.

Requirements

Essential

• 8+ years of experience working with systems, networking and security technologies, with at least 4 years working as a Security Analyst and/or SOC/SIEM Engineer or equivalent role
• Hands-on security knowledge of Windows/Linux/Unix platforms
• Hands-on experience with one or more SIEM/EDR/VM/XDR systems within enterprise and/or MSSP environments
• Technology deployment and/or migration project experience within Enterprise environments
• Demonstrate technical understanding of:
  • SIEM Solution Components
  • Parser Building and REGEX
  • Data Modelling
  • Detection Rule Development
  • API Integrations
• Working knowledge of the MITRE ATT&CK Framework
• A demonstrated knowledge of Cyber Security controls and technologies, Windows Event Logging and Cloud Service Monitoring (AWS/Azure/GCP)

Desirables

• You are naturally curious and a self-starter. Tell us about how you build Cyber Ranges in your own time, or your latest research project.
• You listen to and follow podcasts and bloggers like Darknet Diaries, Recorded Future, @IT_SecGuru or @TheHackerNews. Tell us what r/ threads you’re currently tracking.
• You have exposure to Vulnerability Assessments or Penetration Testing professionally or through your own personal research. If you’ve started a CEH or OSCP certification, even better!
• Show us how you automate using PowerShell and Python.
• You have expertise and/or experience working within AWS and/or Azure
• You have COMPLETED, not started, certifications such as CompTIA CySA+, CEH, OSCP and DFIR related SANS Courses

Benefits

A great company culture is very important to The Missing Link. Keeping everyone happy is one of our top priorities.

Here are some of the best bits about working at The Missing Link:

• Hybrid / flexible working arrangements
• Supportive collaborative environment

• Training / mentoring programs