SOC Analyst

XPT Software

Role Summary

The Cyber Security Engineer is responsible for supporting NIST CSF / NIST 800 assessments, triaging penetration test findings, and driving remediation activities across application, infrastructure, network security, and monitoring platforms.

The role is hands-on and delivery focused, working closely with architects, platform owners, SOC, and infrastructure/application teams to translate security findings into actionable fixes, validate control effectiveness, and support audit‑ready evidence for regulated/government environments.

Key Responsibilities

NIST Assessment Support (CSF / NIST 800 Series)

  • Support NIST CSF / NIST 800‑53 / 800‑61 / 800‑92 assessments through:
    • Control evidence collection
    • Gap analysis support
    • Mapping tooling controls to NIST requirements
    • Control implementation summaries
    • Tool capability mapping
    • Evidence packs for audits and client reviews
  • Track and manage security gaps, risks, and remediation actions in line with agreed timelines
  • Support continuous improvement initiatives driven by assessment outcomes

Penetration Test Findings & Remediation

  • Triage and analyse application, infrastructure, and network penetration test findings
    • Validate findings (true positive vs false positive)
    • Prioritise remediation based on risk and exploitability
  • Support remediation through:
    • Configuration hardening
    • Policy tuning
    • Control enablement or enhancement
  • Track remediation status and provide clear closure evidence for governance and audit forums

Hands‑on engineering support across:

  • Endpoint & Infrastructure Security
  • Vulnerability & Exposure Management
    • Policy tuning and baseline hardening
    • Coverage and health checks
    • Supporting remediation of vulnerabilities and misconfigurations
    • Validating fixes post‑remediation

Support security controls across:

  • Cisco security platforms
  • Imperva
  • Microsoft GSA / related network security controls

Responsibilities include:

  • Supporting firewall / network security rule reviews and clean‑ups
  • Assisting with remediation of network‑related pen test findings
  • Supporting change validation and post‑implementation checks
  • Working with network teams to ensure security controls align with NIST and secure‑by‑design principles

Support monitoring platforms across:

  • Splunk
  • Microsoft Sentinel

Responsibilities include:

  • Log source onboarding validation
  • Detection coverage checks related to NIST and pen test scenarios
  • Validation that remediated controls generate expected telemetry
  • Supporting SOC teams with investigation data where required, including incident and problem reviews (P1 / P2 support) and root cause analysis where control gaps are identified
  • Documenting remediation actions, control changes, and evidence required for audits and MSSR / governance reviews
  • Following structured change and release processes (CAB, validation, rollback awareness)

Skills & Experience

  • 5 years' experience in security engineering / SecOps / blue team roles
  • Exposure to NIST CSF or NIST 800 frameworks
  • Hands‑on experience supporting remediation across:
    • Endpoint / infrastructure security tools
    • Vulnerability management platforms
    • Network security controls
  • Experience working with penetration test reports and remediation tracking
  • Familiarity with SIEM platforms (Splunk and/or Sentinel)
  • Strong documentation and evidence‑driven mindset (audit readiness)

How to apply

To apply for this job you need to sign in to our website. If you don't have an account yet, please register.