Security Operations Centre Analyst
Tasks
- Build SOAR playbooks and enrichment pipelines
- Build, tune and maintain SIEM detections
- Collaborate with platform engineering and SRE teams on misconfiguration and identity hygiene
- Create and maintain runbooks, detection libraries and threat intelligence notes
- Develop and execute threat hunting hypotheses
- Develop log normalization and alert enrichment tooling
- Drive incident response: scoping, containment, eradication, recovery and post-incident review
- Escalate first-line alerts and coordinate with engineering teams
- Map adversary behavior to MITRE ATT&CK
- Monitor IAM, network, container, serverless and data-layer security signals
- Monitor and defend Microsoft 365 and Azure workloads
- Monitor, triage and investigate security alerts
- Track emerging threats, CVEs and threat actor TTPs
- Use AI for triage summarization, log analysis and report drafting
- Validate detections through red team and purple team exercises
- Write incident reports for technical and executive audiences
Perks/Benefits
- N/A
Skills/Tech-stack
AWS | Active Directory | Application Security | Azure | CI/CD | CSIRT | CTI | Cloud Security | Container Security | Defender XDR | Docker | Endpoint Security | Entra ID | GCP | Go | IAM | IaC | Incident Response | JavaScript | KQL | Kubernetes | LLM security | Log enrichment | MDR | Microsoft 365 | Microsoft Defender | Microsoft Defender XDR | Microsoft Sentinel | MITRE ATT&CK | Network Security | OAuth | OIDC | PowerShell | Prompt injection | Purple Teaming | Python | RAG | SIEM | SOAR | SOAR playbooks | Sigma | Terraform | Threat Intelligence | Threat hunting | TypeScript | Vector Stores | XDR | YARA
Education
N/A