• Act as the shift lead for Level One analysts, providing guidance and support during shifts.
• Oversee and coordinate the activities of the SOC team during their shift.
• Provide guidance and support to Level One analysts, ensuring they follow established procedures and protocols.
• Facilitate communication and collaboration within the team to maintain a high level of efficiency and effectiveness
• Escalate complex security incidents to Level Two analysts for further investigation.
• Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc) to investigate suspicious events.
• Proactively monitor and respond to suspicious or true positive incidents across our security platforms. 
• Perform initial incident analysis of various security alerts by analysing and investigating security-related logs harvested from various security signals.
• Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.
• Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.
• Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.
• Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.
• Perform ad-hoc tasks and completion of goals relating to ongoing projects and initiatives.
• Generating reports and providing insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.
• Compile and document findings in threat intelligence reports.
• Provide actionable insights and recommendations based on the analysis of threat data.
• Gather and analyse data from various sources to identify potential threats and vulnerabilities.
  
  
  
  

• Minimum of 3 years of experience in a security operations centre or similar environment.
• Hands-on experience with security monitoring tools, incident response procedures, and threat analysis.
• Experience in leading and managing a team, preferably within a SOC or IT security context.
• Strong ability to coordinate and support team members, ensuring efficient and effective shift operations.
  
  
  
  

• Advanced understanding of tools, techniques and procedures that modern attackers use to compromise organisations.
• Familiarity with threat intelligence platforms and methodologies.
• Specialized knowledge of global security standards and regulations.
• Experience with security information and event management (SIEM) systems.
  
  
  
  

• Strong leadership skills with the ability to motivate and guide a team.
• Experience in managing shift schedules and ensuring adequate coverage.
• Ability to make quick, informed decisions independently and under pressure.
• Skilled in using security monitoring tools and technologies.
• Clear understanding of incident response procedures and threat analysis.
• Knowledge with SIEM systems and security protocols.
• Excellent analytical skills to identify and assess security threats.
• Effective communication skills to interact with team members.
  
  
  
  

• We are customer-centred
• We are technical experts
• We are diverse
• We are fast-paced
• We are courageous
• We are accountable
• We are a team
• All employees are expected to adhere to QBE’s Code of Ethics and Conduct and apply sound risk management practices
  
  
  
  

Please refer to job description.