Security Operations Centre Analyst
ZAR 420K-444K (estimate) | Senior-level | Full Time
Tasks
- Acquire evidence with chain of custody
- Analyze logs and artifacts
- Build intrusion timelines
- Collaborate on purple teaming
- Conduct threat hunting
- Correlate telemetry across sources
- Create and tune SIEM detections
- Develop detection rules and queries
- Lead incident response
- Maintain incident response runbooks and SOPs
- Perform digital forensics
- Perform malware triage and IOC analysis
- Produce technical and executive reports
- Triage and scope incidents
- Validate logging coverage and retention
Perks/Benefits
- N/A
Skills/Tech-stack
Artifact analysis | ATT&CK Framework | Chain of Custody | DNS | Defender for Endpoint | Defender for Identity | Detection Engineering Playbooks | Detection engineering | Digital forensics | EDR | Evidence Preservation | HTTP | IPFIX | Incident Response | Linux forensics | Log Analysis | Microsoft Defender | Microsoft Defender for Endpoint | Microsoft Defender for Identity | Microsoft Sentinel | MITRE ATT&CK | NetFlow/IPFIX | NetFlow | NetFlow/IPFIX Collectors | Network Forensics | PCAP Analysis | PowerShell | Purple Teaming | Python | SIEM | Sigma | Sigma Rule Queries | Sigma rules | Splunk | Suricata | TCP/IP | TLS | Threat hunting | Timeline Analysis | TShark | Windows forensics | Wireshark | Zeek
Education
N/A