Level 2 SOC Analyst

Job Title: Senior SOC Analyst

Job Location: Johannesburg

Job Model: Hybrid

Overview: Our organization is looking for a skilled and experienced Senior SOC Analyst to join our team. The successful candidate will be responsible for monitoring, detecting, and responding to security incidents in our organization's environment. The Senior SOC Analyst will also work closely with the security operations team to improve the security posture of the organization.

Key Responsibilities:

• Monitor and analyze security events from various sources, including but not limited to network traffic, log files, and endpoint devices.
• Respond to security incidents, including performing investigation and root cause analysis to determine the scope, impact, and severity of the incident.
• Recommend remediation actions and work with the security operations team to implement them.
• Develop and maintain playbooks, procedures, and other documentation to streamline the incident response process.
• Participate in security incident response exercises, tabletop exercises, and other activities to improve the organization's security posture.
• Provide guidance and mentorship to other members of the security operations team.
• Stay up-to-date with the latest security threats, vulnerabilities, and mitigation strategies.
• Work with other teams in the organization to ensure that security controls are effectively implemented and maintained.
• Contribute to the development and implementation of the organization's security policies, standards, and procedures.
• Coordinate with SIEM Engineers to tune Alerts and Events.

Required Skills and Qualifications:

• 5-8 years in support and infrastructure operations
• At least 5 years of experience in infrastructure, with a focus security monitoring.
• Experience with security monitoring tools, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
• Experience with Intune and M365 Defender, Identity Access Management
• Strong understanding of networking, operating systems, and common attack methods.
• Experience with scripting and automation using languages such as Python, PowerShell, or KQL a plus.
• Familiarity with security frameworks and standards such as NIST, CIS, and ISO a plus.
• Excellent problem-solving skills and attention to detail.
• Strong written and verbal communication skills.
• Ability to work independently and as part of a team.

Preferred Qualifications:

• Relevant certifications such as CySA, CEH, GIAC, Firewall and networking certifications are advantageous
• Microsoft Certifications
• AZ-104
• SC-200

• Experience with cloud security in Azure platforms.
• Knowledge of DevOps practices within Azure and tools such as Ansible, Docker, and Kubernetes would be advantageous.
• Familiarity with identity and access management technologies and processes.
• Ability to think creatively and strategically about security challenges.