Are you a senior SOC professional ready to lead advanced cyber investigations and drive security maturity?
We are seeking an experienced SOC Lead to own and elevate our Cyber Incident Response and Data Security capability. This is a highly technical leadership role where you will drive automation, improve detection and response maturity, and lead complex investigations across enterprise environments.
If you thrive in high-impact environments and want to shape the future of security operations, this role is for you.
This role is hybrid - 3 days in the office with the option of 2 days WFH.
About Us
We’re The Missing Link - one of Australia’s most awarded IT providers, now backed by global powerhouse Infosys. For over 28 years, we’ve helped businesses succeed with cutting-edge Cyber Security, IT & Cloud, and Automation solutions. With 200+ team members and a culture built on inclusion, innovation, and impact, we offer a workplace where you’re valued, challenged, and supported to grow.
We are THE MISSING LINK between where you are and where you want to be.
Our Security Division is one of the fastest-growing in Australia, structured into 3 specialised streams:
- Red Team – Penetration Testing & Security Consulting
- Blue Team – Security Architecture & Engineering
- SOC – Managed Detection & Response (MDR)
Key Responsibilities:
Incident Response & SOC Operations
- Lead end-to-end response for complex cyber security incidents
- Design and enforce advanced incident response procedures
- Develop sophisticated SIEM and EDR detections and search queries
- Build dashboards covering alerts, KPIs, and SOC performance metrics
- Conduct malware analysis, adversary tracking, and impact assessments
- Produce detailed incident and threat intelligence reports
Threat Intelligence & Hunting
- Analyse threat intelligence and map adversary TTPs
- Develop and execute structured threat hunting programs
- Identify emerging risks and environmental weaknesses
- Recommend mitigation strategies to reduce organisational risk
Data Security & Insider Threat
- Define and tune DLP policies and data protection controls
- Investigate insider threat and data loss incidents
- Align data security controls with business and regulatory requirements
Automation & Continuous Improvement
- Build and optimise SOAR playbooks across SOC and IR workflows
- Automate reporting and operational processes
- Conduct SOC maturity assessments
- Drive strategic improvements across security operations
Leadership & Stakeholder Engagement
- Mentor and uplift L1 and L2 analysts
- Partner with internal teams and stakeholders
- Deliver consistent, high-quality security operations outcomes
Requirements
- 7–12 years’ experience across Security Operations, Incident Response, and Data Security
- Deep hands-on expertise with SIEM, EDR, DLP, and SOAR platforms
- Strong background in Threat Intelligence and Threat Hunting
- Proven experience improving SOC processes and operational maturity
- Strong analytical capability and ability to lead complex investigations
Preferred Certifications
At least three of the following:
- Splunk Core Certified Consultant
- Splunk Certified Cybersecurity Defense Engineer
- CrowdStrike Certified Falcon Responder or Hunter
- Microsoft SC-400 or SC-401
- Palo Alto XSOAR Engineer
- CyberArk Sentry or Guardian
- Google Cybersecurity Certificate
- Professional Security Operations Engineer
Highly Regarded:
- SANS FOR508 (or equivalent)
- CISSP or CISM
- CyberArk Guardian
Why Join Us?
- Opportunity to lead advanced cyber investigations
- Drive automation and SOC maturity initiatives
- Work with modern security platforms and tooling
- Influence enterprise-wide security posture
- Melbourne-based role with strong technical ownership
Benefits
Having a great company culture is very important to The Missing Link. Keeping our team happy is one of our top priorities.
Here are some of the best things about working at The Missing Link:
- Supportive environment and fun collaborative culture
- Training / mentoring programs
- Regular, fun social events