Threat Intelligence and Threat Hunting Lead - Security Operations Centre

The opportunity

 The SOC Threat Intelligence and Threat Hunting Engineering Lead is a senior security professional responsible for leading advanced threat detection, threat hunting, and cyber threat intelligence functions for one of our protected SOC clients. This role is critical in protecting the organisation’s network and systems by proactively identifying, analysing, and responding to complex security threats.

The role oversees incident investigations, drives both reactive and proactive threat hunting initiatives, and leverages cyber threat intelligence (CTI) tools to provide actionable insights on emerging threats, threat feeds, and vulnerability advisories. The position also leads the development of detection strategies and collaborates closely with security engineering to enhance the SOC’s overall threat detection and response capabilities.

This role can be performed from any of our EY offices across Australia. Our roles can potentially be adjusted to work flexibly with reduced hours. Please speak with us about potential options.

Your key responsibilities

• Act as the L3 escalation point for the SOC, owning complex cyber incidents end‑to‑end and leading high‑impact investigations for a protected client environment.
• Lead proactive and reactive threat hunting activities, using SIEM, EDR, and network telemetry to design hypotheses, refine detections, and uncover advanced threats.
• Apply cyber threat intelligence to enhance detection and response, including monitoring threat feeds, threat actor activity, vulnerabilities, and credential exposure.
• Mentor SOC analysts and work closely with security engineering to improve detection coverage, reduce alert noise, and strengthen overall SOC capability.

Skills and attributes for success

• Extensive experience operating in a SOC environment, including acting as an L3 escalation point for complex security incidents and investigations.
• Advanced expertise using SIEM and detection tools, particularly Splunk, to investigate threats, develop detections, and support threat hunting activities.
• Strong understanding of threat hunting methodologies, cyber threat intelligence, and frameworks such as MITRE ATT&CK.
• Due to the nature of this role, Australian citizenship is required. Candidates must hold an NV1 security clearance, or be willing and eligible to obtain one.

Ideally, you’ll also have the skills and attributes below but don’t worry if you don’t tick all the boxes. We’re interested in your aptitude, attitude and willingness to learn.

• 7–10 years’ experience in SOC or security analyst roles with progressively increasing responsibility and leadership.
• Experience working with endpoint, network, and security tooling such as EDR, IDS/IPS, email security, vulnerability management, and SOAR platforms.
• Hands‑on experience applying cyber threat intelligence, including threat actor analysis, vulnerability intelligence, and emerging threat monitoring.
• Strong communication skills, with the ability to lead under pressure, mentor analysts, and engage both technical and non‑technical stakeholders.

What we offer you

At EY, we’ll fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. We’re proud to be recognised as the #1 WORK180 Endorsed Employer in the Top 101 Employers for Women 2026. Learn more.

• Career development: At EY, your career is yours to shape! We’ll develop you with future-focused skills and equip you with world-class experiences ey.com/au/careerdevelopment
• Flexible work arrangements: Our flexible work policies empower you to balance your professional and personal life, fostering a culture of trust and autonomy. 
• A comprehensive benefits package: From a yearly wellness incentive, to access to additional 8 weeks of flex leave per year, and family-friendly policies, including 26 weeks of gender-neutral paid parental leave, we cater to your diverse needs to help you thrive both personally and professionally www.ey.com/au/benefits    

• Salary: We offer a competitive salary which is open to negotiation pending on skills and experience.

Acknowledgement of Country

EY acknowledges the Traditional Owners and Custodians of the lands on which EY offices are located around Australia. We pay our respects to their cultures, and to their Elders — past, present, and emerging. Find out more about our vision for reconciliation at ey.com/en_au/careers/indigenous

Inclusiveness is core to who we are and how we work together, driving value for our people and for our business. We encourage applications from people of all ages, nationalities, abilities, cultures, sexual orientations, and gender identities and are committed to providing an equitable and barrier free recruitment experience for all. We encourage you to share any support and adjustments you need to be your best and participate equitably in our recruitment process. We understand sharing your needs with us can be daunting, so if you have questions before or during your application, we welcome you to get in touch at contactrecruitment@au.ey.com or +61 3 8650 7788 (option 2). Anything you tell us will be kept completely confidential.

Are you ready to shape your future with confidence? Apply today.

#LI-Hybrid 

EY | Building a better working world 

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider. 

© 2025 Ernst & Young Australia. A member firm of Ernst & Young Global Limited. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation.