We are seeking a proactive and detail-oriented SOC Analyst to join our Security Operations Centre (SOC) team. The SOC Analyst is responsible for real-time security monitoring, threat detection, incident response, and cybersecurity risk management. This role involves analyzing security logs, investigating security incidents, and ensuring the organizations security posture is maintained. The ideal candidate should have a strong understanding of cybersecurity threats, SIEM tools, incident response, and network security, along with the ability to identify and respond to evolving cyber threats effectively.

Duties and Responsibilities

• Security Monitoring & Threat Detection
• Continuously monitor security logs and alerts using SIEM (Security Information and Event Management) tools.
• Analyse network traffic, endpoint activities and system logs for anomalies and suspicious behaviour.
• Monitor firewalls, IDS/IPS (Intrusion Detection & Prevention Systems) and endpoint security tools.
• Incident Response & Investigation
• Investigate, analyse and respond to security incidents, breaches and alerts.
• Perform initial triage, root cause analysis and escalation procedures.
• Work with IT teams to contain, mitigate and recover from cyber incidents.
• Document security incidents, findings and response actions for future reference.
• Vulnerability Management & Risk Assessment
• Conduct regular vulnerability scans to identify and mitigate security risks.
• Assist in patch management processes to ensure system security.
• Support IT teams in evaluating security controls and identifying potential gaps.
• Security Tools & SIEM Management
• Configure and fine-tune SIEM solutions (Splunk, QRadar, ArcSight, etc.) for better threat detection.
• Assist in the deployment and management of security monitoring tools (IDS/IPS, EDR, Firewalls, etc.).
• Ensure continuous improvement of security alerts and automation of security processes.
• Threat Intelligence & Compliance
• Stay updated on emerging cybersecurity threats, malware trends and attack vectors.
• Assist in threat intelligence analysis and contribute to proactive threat mitigation strategies.
• Ensure compliance with industry security regulations (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, etc.).
• Participate in security audits and documentation for regulatory compliance.
• Security Awareness & Training
• Conduct security awareness training for employees, focusing on phishing, malware and social engineering.
• Assist in cybersecurity drills, tabletop exercises and penetration testing support.

Qualifications & Experience

Required:

• 3-5 years of experience in SOC operations, cybersecurity monitoring, or IT security.

• Strong understanding of cybersecurity threats, malware, and attack vectors.

• Hands-on experience with SIEM tools (Splunk, QRadar, ArcSight, etc.).

• Experience with firewalls, IDS/IPS, endpoint protection, and VPN security.

• Understanding of TCP/IP networking, threat hunting, and log analysis.

• Familiarity with Windows, Linux, and cloud security environments (AWS, Azure, Google Cloud).

• Basic understanding of forensic analysis, threat intelligence, and risk assessment

Preferred Qualifications:

• Bachelors degree in computer science, information security, or a related field.

• Professional certification such as CEH, Security+, Cisco Certified CyberOps Associate, or EC-Council Certified SOC Analyst (CSA).

Reach Deka Minas (Pty) Ltd
Security Operations Center (Soc) Analyst position available in Gauteng, Johannesburg. This job position was posted by Deka Minas (Pty) Ltd. The job has been posted as a premium ad on 2025-02-07 at 13:02:51 in the General Employment category