Orro Group
Security Operations Center Analyst

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
SOC Analyst – London
Tired of being a small cog in a 200-person SOC? Want a flat structure, real autonomy, and direct access to senior leaders rather than three layers of management between you and decision-makers?
We are not your typical cyber team! Collaborative, curious, and customer-obsessed, we’re looking for a SOC Analyst to join our small but mighty London Security Operations Centre. Our four-person London team reports directly into our Sydney head office, working alongside experienced analysts and engineers who genuinely invest in developing their people.
Want to triage the alerts that actually matter, investigate live phishing campaigns, and tune detections in Sentinel for some of Australia’s most recognised enterprise and government clients?
This is a role where the work is real, the feedback loops are short, and your capability will sharpen quickly.
About Orro
We’re an Australian success story, now close to 500 people strong, delivering secure, end-to-end digital solutions across cloud, collaboration, cybersecurity, data services, and network infrastructure, backed by 20 years of experience. Trusted by some of Australia’s biggest brands, Orro leads in designing, building, and operating digital infrastructure that delivers efficiency, agility, performance, and resilience. Our solutions make tech faster, simpler, and safer for 400+ businesses and over 20 million Australians daily.
Our mission: To create "future now" solutions—solutions that align what people need today with what they’ll need tomorrow. So we take the time to understand our clients: how they work, what matters to them, and where they’re headed. Because real impact comes from connecting people—not just machines.
With offices in London, Sydney, Melbourne, Canberra, Brisbane, and Perth, and teams in New Zealand and the Philippines, Orro is known for delivering future-ready solutions, backed by deep expertise, human insight, and lasting partnerships.
What You’ll Be Doing
As part of the Security Operations Centre (SOC), you’ll work across daily operations, threat analysis, and proactive defense efforts. Collaboration with your SOC peers is key to strengthening detection capabilities and delivering meaningful customer outcomes.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
- Analyse SIEM events, track emerging threats, and uncover intrusion attempts
- Take charge of incident response, moving quickly from triage → escalation → resolution
- Analyse phishing activity, suspicious domains and IPs to identify real risks fast
- Lead threat hunting and vulnerability assessments to stay ahead of attackers
- Tune detection rules, build high-fidelity alerts, and enhance system capabilities via Sentinel, rules creation, and system enhancements
- Mentor junior analysts and help elevate the entire SOC’s effectiveness
- Champion security implementations and provide proactive support driving strong customer outcomes
What You’ll Bring
You’re a structured, proactive individual who thrives in accuracy-focused environments. With 3+ years of relevant experience, you have a strong technical foundation across detection, analysis, and incident response.
The Essentials
- 3+ years’ hands-on experience in an enterprise SOC, with daily use of:
- SIEM
- XDR
- EDR tooling
- Hands-on experience with Microsoft security technologies, including (but not limited to):
- Microsoft Sentinel
- Microsoft Defender
- Microsoft Entra (formerly Azure AD)
- Practical incident response experience, covering:
- Triage
- Investigation
- Escalation
- Working knowledge of:
- MITRE ATT&CK framework
- NIST Cybersecurity Framework (CSF)
- ISO 27001
- Clear communicator who can translate complex technical details for any audience
Bonus Points
- Exposure to digital forensics or threat hunting workflows
- Confidence working across Linux/Unix environments alongside Microsoft ecosystems
- Broad understanding of:
- Cloud platforms
- Networking
- Firewalls
- ITSM
- Vulnerability management tools (e.g., Rapid7, Tenable, Qualys)
Growth @ Orro Cyber
At Orro, the Cyber team prioritises continuous learning and professional development. We actively encourage employees to pursue certifications and training aligned with their role and career goals. Commonly supported certifications include:


Get help with your application
Your very own career expert that helps elevate your application to the next level.
-
Microsoft certifications:
- AZ-500: Microsoft Azure Administrator
- MS-100: Microsoft 365 Identity and Services
- SC-200: Microsoft Security Operations Analyst
- MS-300: Microsoft 365 Applications
- MS-401: Modern Desktop Administrator
plus vendor-specific programs such as:
- Splunk
- SentinelOne
- Rapid7
Beyond certifications, we offer:
- Presentation Skills training
- Mentorship programs
- Cross-team knowledge-sharing sessions
Combined with on-the-job learning and exposure to large-scale enterprise environments, this creates a strong foundation for career progression within Orro’s Cyber function.
Why Orro?
At Orro, we’re proud to support our people—and the people who matter most to them—in meaningful, inclusive ways. We offer:
Workplace Enrichment
✔ Flexible work options ✔ Company-wide mentoring programs ✔ Generous parental and caregiver leave ✔ Public holiday swaps (respecting diverse family and cultural times) ✔ Mentoring, ELD Program to nurture future leaders
Performance Support
✔ 3 days of paid volunteer leave per year ✔ Novated leasing options ✔ Employee discounts on a wide range of services ✔ Wellbeing platform with expert resources, fitness plans, nutrition advice
Diversity & Inclusion
We value different perspectives and actively celebrate diversity in all forms, including:
| Group |
|---|
| LGBTQI+ team members |
| People with disabilities |
| Individuals on the autism spectrum |
At Orro, your unique experience is not just welcomed—it is valued.
Social Responsibility
Orro is deeply committed to sustainability and community initiatives. By joining, you contribute to initiatives that improve lives and build a better future.
Applicants must have the unrestricted right to work in the UK. Visa sponsorship is not available for this role.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location