Cyber Security Analyst (Incident Response)

At IAG, we’re ready for you. We're the largest general insurance group in Australia and New Zealand. Our family of brands turns the IAG purpose of making your world a safer place into action by helping everyday Aussies and New Zealanders, supporting their ambitions and making insurance accessible.

Join a high performing Cyber Defence Operations team dedicated to predicting, preventing, detecting and responding to cyber threats across a complex enterprise environment.

As a Cyber Security Analyst, you will apply your knowledge and skills as an experienced L2 Incident Responder, acting as the last line of defence against advanced cyber threats. This is to be achieved by employing both proactive and reactive countermeasures against sophisticated threats targeting the IAG environment.

This is a permanent full-time role based in Gadigal Country (Darling Park 2, Sydney), Meanjin (Brisbane) or Naarm (Melbourne).

What You'll Do

• Level 2 Incident Response: Act as a Level 2 SOC Incident Responder responsible for investigation, analysis, and containment of complex cyber security incidents.


• Lead and co-ordinate incidents: Lead investigation and response to incidents, through use of SIEM, EDR, DLP, Cloud Services and SOAR technologies. Provide situational awareness and reporting on cyber security incident status and trends in adversary behaviours to the appropriate internal and external parties.


• Hunt threats: Collaboration with the Threat Intelligence team to perform threat hunting activities and develop new detection methodologies.


• Continuously improve: Summarise and co-ordinate Post Incident Review (PIR) activities and implement identified IR and detection improvements.


• Purple teaming: Collaborate with Offensive Security on Purple Teaming activities, and translate outcomes into detection and control improvements.

What You'll Bring

• 3–5 years hands-on experience in incident response and SOC operations.


• Previous experience providing L2 SOC Analyst Incident Response.


• Proven experience co-ordinating incident investigation and response activities, managing escalated cases end-to-end.


• Exposure to proactive threat hunting and advanced attacker techniques (e.g., APTs, ransomware, BEC).


• Incident Response Tools: Proficiency with SIEM (Splunk), EDR (CrowdStrike), Purview and ServiceNow.


• Cloud Security & IR: Experience handling incidents in SaaS/IaaS environments.


• Scripting & Automation: Skilled in Python, PowerShell, and Bash for automation and IR.


• Threat Detection Engineering: Development and tuning of detection use cases; playbook creation and maintenance.


• Frameworks: Familiarity with MITRE ATT&CK for threat mapping.

What We Offer

• Boosted superannuation with 13% as standard.


• 20 days annual leave + 5 days MyLeave (extra leave for what’s important to you).


• Work from home and many more flexibility options with myFlex.


• Up to 50% off personal insurance, including home and motor insurance.


• Partner discounts on private health insurance, tech & appliances, and many more.


• Industry-leading 20 weeks paid parental leave.


• Access to LinkedIn Learning, the award-winning IAG Academy, study assistance and secondment opportunities.

*employment type eligibility criteria apply

Applications close: Sunday 8 March 2026 11:59PM AEDT

Adjustments and Support

 If you require any support or adjustments to participate equitably in our recruitment process, we encourage you to reach out to [email protected] for a confidential conversation.

More About Us

As part of IAG you'll enjoy a world of career opportunities, a purpose-led place focused on creating connection and belonging, and where you can create meaningful impact every day and grow your career beyond the expected. That’s not just words. It’s our people promise. We're ready for you with unexpected opportunities for your career, your work-life and your ability to make a difference. We celebrate all viewpoints shaped by life experiences and culture, and are guided by the knowledge and voice of Aboriginal and Torres Strait Islander peoples, businesses, and communities. We collaborate on Indigenous-led solutions that enable growth and create meaningful change for our customers and employees.