SOC Analyst

Tired of being a small cog in a 200 person SOC? Want a flat structure, real autonomy, and direct access to senior leaders rather than three layers of management between you and a decision?

We are not your typical cyber team! We are collaborative, curious and customer obsessed, and we are looking for a SOC Analyst to join our small but mighty London Security Operations Centre.

This is a four person London team reporting directly into our Sydney head office, working alongside experienced analysts and engineers who genuinely invest in developing the people around them.

Want to triage alerts that matter, investigate live phishing campaigns, and tune detections in Sentinel for some of Australia's most recognised enterprise and government clients? This is a role where the work is real, the feedback loops are short, and your capability will sharpen quickly.

About Orro

We’re an Australian success story, now close to 500 people strong, delivering secure, end-to-end digital solutions across cloud, collaboration, cyber security, data services and network infrastructure, all backed by over 20 years of experience. Trusted by some of Australia’s biggest brands, Orro leads the way in designing, building and operating digital infrastructure that delivers greater efficiency, agility, performance and resilience. Our solutions take the stress out of tech for more than 400 businesses and over 20 million Australians every single day.

Our mission? To create “future now” solutions making it faster, simpler and safer for people to access, store and share information, wherever they are and whoever they’re with. But more than that, we know that real impact comes from connecting people, not just machines. That’s why we take the time to understand our clients; how they work, what matters to them, and where they’re headed so we can deliver not just what they need today, but what they’ll need next.

With offices in London, Sydney, Melbourne, Canberra, Brisbane and Perth, and teams across New Zealand, and the Philippines, Orro is known for delivering future-ready solutions, backed by deep expertise, genuine human insight and lasting partnerships.

What You’ll Be Doing

As part of the Security Operations Centre, you will work across daily operations, threat analysis and proactive defence activities. You’ll collaborate closely with your SOC peers to strengthen detection capability and deliver meaningful outcomes for customers.

• Dive into SIEM events, track emerging threats and uncover intrusion attempts

• Take charge of incident response, moving quickly from triage to escalation and resolution

• Analyse phishing activity, suspicious domains and IPs to identify real risks fast

• Lead threat hunting and vulnerability assessments to stay ahead of attackers

• Build smart, high fidelity detections through alert tuning, rule creation and system enhancements

• Mentor junior analysts and help lift the capability of the wider SOC

• Champion security implementations and deliver proactive support that drives strong customer outcomes

What You’ll Bring

You are structured, proactive and thrive in environments where accuracy matters. You bring more than three years of relevant experience and a strong technical foundation across detection, analysis and incident response.

The essentials

• 3+ years hands on experience in an enterprise SOC, with daily use of SIEM, XDR or EDR tooling

• Hands on experience with Microsoft security technologies including Sentinel, Defender and Entra

• Practical incident response experience, including triage, investigation and escalation

• Working knowledge of MITRE ATT&CK, NIST CSF and ISO 27001

• Clear communicator able to translate technical detail for any audience

Bonus points

• Exposure to digital forensics or threat hunting workflows

• Confidence working across Linux or Unix environments alongside Microsoft

• Broad understanding of cloud, networking, firewalls, ITSM and vulnerability management tools such as Rapid7, Tenable or Qualys

Growth @ Orro Cyber

At Orro, the Cyber team places a strong focus on continuous learning and professional growth. We actively encourage employees to pursue certifications and training aligned to their role and career goals. Commonly supported certifications include Microsoft AZ-500, MS-100, SC-200, MS-300, and MS-401, along with vendor-specific programs such as Splunk, SentinelOne, and Rapid7 certifications.

Beyond technical credentials, we also select team members for targeted development opportunities such as Presentation Skills training, mentoring programs, and participation in cross-team knowledge-sharing sessions. Combined with ongoing on-the-job learning and exposure to large-scale enterprise environments, this creates a strong platform for career progression within Orro’s Cyber function.

Why Orro?

At Orro, we’re proud to support our people and the people who matter most to them in meaningful and inclusive ways. From public holiday swaps that embrace family and cultural diversity, to generous parental and caregiver leave, flexible work options, and company-wide mentoring, we’re here to help you thrive at every stage of life.

We also invest in the future through our Emerging Leaders Development Program, nurturing the next generation of talent from within. On top of that, you’ll enjoy 3 days of paid volunteer leave each year, novated leasing, employee discounts, and full access to our wellbeing platform packed with expert fitness plans, nutrition tips, and tools to help you feel your best, inside and out.

We value different perspectives and proudly celebrate the diversity of our people. We are committed to creating an inclusive workplace where everyone can thrive, including LGBTQI team members, people with disabilities and those on the autism spectrum. Your unique experience is not just welcomed here, it is valued.

Orro is deeply committed to sustainability and social responsibility. By joining us, you contribute to initiatives that support our communities and help create a better future.

**Applicants must have the unrestricted right to work in the UK. Please note that visa sponsorship is not available for this role. **