
SOC Onboarding, CTI & Engineering Manager

Oversee the deployment and integration of SOC tools for enterprise threat detection and response
Sydney
Senior
yesterday
Thales

Thales

A global technology leader specializing in aerospace, defense, transportation, and security solutions.

SOC Onboarding, CTI & Engineering Manager

The SOC Onboarding, CTI & Engineering Manager is responsible for leading and overseeing three core functions of our security operations capability: onboarding of new clients and technologies, cyber threat intelligence (CTI), and overall delivery of managed Endpoint Detection and Response (EDR) services. This role is both strategic and hands-on, involving cross-team collaboration, technical leadership, and strong client engagement.

You will be accountable for the following:

  • Lead the planning, coordination, and execution of SOC onboarding projects across diverse clients and technologies.
  • Ensure successful ingestion and normalization of log sources from on-prem and cloud platforms (e.g., firewalls, EDRs, AWS, Azure, GCP).
  • Define and enforce standard onboarding playbooks and documentation.
  • Coordinate with SIEM/SOAR engineers, client infrastructure teams, and project managers to ensure timely and effective onboarding.
  • Oversee the development and operationalization of threat intelligence capabilities.
  • Integrate CTI into detection engineering, use case development, and incident response workflows.
  • Manage threat feeds, enrichment tools, and TTP mapping using MITRE ATT&CK.
  • Lead the creation of threat briefs, intel summaries, and threat hunting guidance.
  • Lead security and automation engineers to deliver client engagements and improve security platforms and automation.
  • Own the architecture, deployment, and lifecycle management of SOC tools including SIEM, SOAR, EDR/XDR, threat intelligence platforms, and log management solutions.
  • Lead integrations between SOC platforms and other enterprise systems (e.g., ITSM, CMDB, cloud platforms).
  • Ensure tool configurations align with detection, compliance, and operational needs.
  • Build and lead a high-performing team across onboarding, CTI, and delivery functions.
  • Develop career paths, training plans, and performance objectives for team members.
  • Identify areas for process improvement and automation to improve SOC onboarding and threat intelligence maturity.
  • Lead change management efforts related to onboarding frameworks, CTI workflows, and service expansion.

To be successful in this role, you will ideally bring with you:

  • 7+ years of experience in cybersecurity operations, with at least 3 years in a leadership or management role.
  • Hands-on experience with SIEM/SOAR platforms (e.g., Google Chronicle, Splunk, Sentinel).
  • Strong understanding of log management, alert tuning, threat detection, and incident lifecycle.
  • Solid grasp of threat intelligence frameworks, IOCs, TTPs, and intelligence lifecycle.
  • Demonstrated experience delivering managed SOC services and handling enterprise customers.
  • Familiarity with CTI tools (e.g., MISP, Anomali, ThreatConnect, Recorded Future).
  • Project management certification (PMP, Agile, ITIL).
  • Experience working in MSSP environments.
  • Degree qualification in Cybersecurity, Computer Science, or a related field.
  • Certifications: CISSP, GCIA, GCTI, GCIH, or similar.

Our Benefits

  • Flexible working options
  • Paid Parental Leave and Veterans Leave
  • Novated Lease options
  • Family support through our partnership with Parents at Work
  • Ongoing personal and professional development opportunities
  • Sonder – Wellbeing & Support Partner

We encourage you to apply. After you have applied, you will receive an email acknowledging your application. We'll then provide a personalized experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police checks.

As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance.
