Senior CIRT Analyst

JOB DESCRIPTION

Location : Melbourne Yarra Falls or Sydney City (Hybrid)

This is a hybrid position based either in our Sydney or Melbourne Yarra Falls location. We're committed to your flexibility and wellbeing and our hybrid strategy currently requires three days a week in the office, giving you the option to work remotely for some of your working week. Find out more about our flexible work culture at computershare.com/flex.

We give you a world of potential

Computershare has an exciting opportunity for a permanent full-time Senior CIRT Analyst to join our Computershare Shared Services (CSS) team within our Global Information Security (GIS) department.

A role you will love

As a Senior CIRT (Cyber Incident Response Team) Analyst, you will play a critical hands-on role within the Cyber Defence team, responsible for leading complex incident investigations, building and tuning threat detection capabilities, and mentoring SOC Analysts to support global 24/7 operations. In this role, you will act as the primary escalation point for incidents that exceed Tier 1/2 capabilities and ensures operational continuity outside of Security Operations leadership working hours. This includes close collaboration with teams like Security Engineering, Threat Intelligence, the NOC and Incident Management to manage and resolve cyber security incidents to competition.

• Act as the senior escalation point for complex or high-severity incidents.
• Lead incident response lifecycle from detection through to post-incident review.
• Perform high level forensic analysis across cloud, endpoint and network data.
• Develop and execute hypothesis driven hunts across available telemetry.
• Use results to identify gaps or refine detection logic.
• Build, tune, and document detection logic in Sentinel, Defender, CrowdStrike and other platforms.
• Translate threat intelligence into rules and analytics to support incidents.
• Maintain and execute MITRE ATT&CK coverage plans.
• Design and improve operational playbooks and SOAR workflows.
• Implement response logic for recurring incident types.
• Support the development of SOC Analysts by providing escalation support, training and structured feedback.

• Flexibility to work an on-call rotation which will include some weekends and public holidays (current schedule is 1 week every 6 weeks but is subject to change)
• Proven experience in SOC, IR or similar roles with demonstrable in threat hunt or tier 3 response
• Experience building detection logic and analytics rules (e.g. KQL, Sigma)
• Deep understanding of MITRE ATT&CK, threat actors, and attack chains
• Strong verbal and written communication skills including report writing skills, the ability to brief groups of people and the ability to translate technical terms into easy-to-understand concepts for non-technical colleagues
• Experience in financial services, aviation, government or other regulated industries

• GIAC certifications (e.g. GCIA, GCIH, GNFA, GMON, GCFA), Microsoft SC-200, AZ-500 or equivalent
• Experience with Sentinel, Defender and CrowdStrike
• Strong scripting knowledge (PowerShell, python etc)
• Knowledge of Security Frameworks including SOC2, ISO 27001 and NIST
• Active geopolitical awareness
• Bachelor's degree or a master's degree in a relevant field