Triskele Labs are an Australian-based cybersecurity consultancy and Managed Security Services Provider (MSSP). Our SOC team are currently expanding into the USA to provide follow-the-sun Digital Forensics and Incident Response (DFIR) and Threat Hunting services for our Australian-based clients.
This role will have a big focus on hunt and respond, as well as conducting detection engineering to identify threats not identified by the security tools we have in place. The role will be a technical lead for the Major Incident Response team and is expected to interface with clients on an ongoing basis.
The Level 3 Security Analyst forms part of the Security Operations team that is comprised of Level 1 Security Analysts and other Level 3 Security Analysts. When you are not participating in Incident Response engagements, you will be undertaking threat hunts in our client environment using SIEMs, EDRs and Open-Source tools. The Level 3 Security Analysts also act as a technical escalation point for the Level 1 and 2 team. The Level 3 Security Analyst also directly interacts with the dedicated Adversary Simulation / Red Team to form a Purple team.
You will have prior experience in a SOC team (preferably at an MSSP) or in Digital Forensics and Incident Response roles. Familiarity with EDR tools (e.g. Carbon Black, CrowdStrike, Microsoft Defender) and forensic tools (e.g. Magnet Axiom, KAPE, X-Ways, Volatility, Cellebrite) is required. Experience in reverse engineering malware and Cyber Threat Intelligence is advantageous.
We are looking for someone who has advanced technical knowledge, can work autonomously and can convey technical findings in a non-technical manner to stakeholders. As a fully remote role in a different country than all other team members, you will be able to work autonomously and have the ability to keep your wider team informed through handovers and conversations via Instant Messaging and Video Conferencing.
The following outlines the typical responsibilities of the role:
Team culture is everything to Triskele Labs and it is the reason we exist. Our founder set out to create a cybersecurity company that is a place our team love to work. While we focus this culture on the team in Australia, the pivot to remote working has ensured that we provide this for all team members, on-site or remote. We will continue to strive for excellence with our inclusive team culture through initiatives developed by our People and Culture team. In addition, we provide:
We are a forward-thinking company, always looking for ways to boost our team culture and ensure we are a destination employer.