Cyber Security Operations - Analyst

About IDP

IDP is the global leader in international education services, delivering global success to students, test takers and our partners, through trusted human relationships, digital technology and customer research. An Australian-listed company, we operate in more than 50 countries around the world.

Our team is comprised of over 7,000 people of various nationalities, ages and cultural backgrounds. Proudly customer-first, our expert people are powered by global technology. Together, we offer unmatched services, helping local dreams become realities, all over the world.

Learn more at www.careers.idp.com

Role purpose

We are seeking a Security Operations Analyst to help support the Security Operations Centre and safeguard IDP’s cloud and datacentre platforms. As an analyst, you will be focused on identifying, triaging, and escalating potential security events while developing a strong foundation across security technologies and operational processes. This role requires curiosity, initiative, and a mindset geared toward learning and problem‑solving—not just following instructions. If you have a passion for cybersecurity and a drive to grow in a fast‑paced environment, you will play a key part in maintaining a highly scalable, 24/7 monitored ecosystem. IDP’s production environment is unlike any other; making the ability and willingness to continuously learn and adapt to evolving technologies essential.

Key accountabilities

• Responsible for Ongoing monitoring, issue tracking, ticket creation, updates, escalations and participation on incident bridge calls. Own and adhere to established response SLO’s/SLA’s and a working knowledge of all monitoring and support tools.
• Maintaining a culture of continuous improvement, by providing suggestions for process improvements, providing updates to documentation, providing transfer of knowledge to peers in your area of expertise, and assisting in the training of new hires.
• Frontline Tier l/ll monitoring / escalation / incident response and impact mitigation.
• Execute Command & Control tasks on our infrastructure.
• Orchestrate and manage incident lifecycle between external 3rd party vendors and internal development teams.
• Analyze and support the continuous improvement of our monitoring as well as command and control capabilities. Maintain a high level of communication and knowledge sharing: incident lifecycle tracking, runbooks and operational documentation. Reporting the health and availability of the site and related services
• Manage and be part of a 24/7/365 team to support the environment, which will include nightshifts.
• Prepare and deliver the Reports as per the defined schedule

Required experience

• 3+ years of SOC experience. 
• Understanding of security tools and technologies like Microsoft Security Suite (Defender, Intune, etc.), Splunk, Netskope, CloudWatch, etc.
• Knowledge in Kusto Query Language (KQL), Splunk Processing Language (SPL) and PowerShell Scripting is an advantage
• Knowledge of Systems and Network Infrastructure and experience troubleshooting problems
• Familiarity with monitoring tools such as Splunk, CloudWatch Microsoft Defender and Netskope.
• Familiarity with SNOW, Jira and Confluence
• Experience with troubleshooting OS-level and network configuration
• Experience configuring and maintaining common Linux systems and Windows-based applications
• Experience with Change Management and Change Control.
• Experience working with version control systems (SVN, Git)
• Public cloud infrastructure (Azure and AWS) is a must