Johannesburg City: L3 SOC Analyst / Senior SOC Analyst (Advanced / Lead Investigator) – immediately posted by Securejedi

Role Level: Senior Technical (L3)Role PurposeThe L3 SOC Analyst leads complex investigations, optimizes SIEM detection logic, mentors L1/L2 analysts, and drives continuous improvement of SOC capability. This role is the highest local technical escalation point.Key Responsibilities: Lead complex incident investigations across network, endpoint, and cloud telemetry.Perform root-cause analysis, validate attack paths, and guide containment/eradication.Administer and optimize SIEM/XDR use cases; develop and tune correlation rules.Reduce false positives and increase detection fidelity through systemic tuning.Use threat-intel platforms and IOC repositories to enrich investigations.Apply MITRE ATT&CK mapping to incidents and detections.Provide technical oversight and mentoring to L1/L2 analysts.Contribute to playbook/runbook development and SOC maturity uplift.Minimum RequirementsExperience: 58 years SOC/Blue Team experience including SIEM ownership and major incident leadership.Technical Skills:Advanced SIEM administration, tuning, and content engineering.Strong event correlation and use-case optimization.IOC/IOA analysis and threat-context enrichment.ATT&CK techniques, attack-chain mapping, detection gap analysis.Vulnerability lifecycle awareness and risk-based prioritization.Platform Experience:Experience on Fortinet SIEM/XDR/MDR is advantageous, but other enterprise SIEM/XDR/MDR platforms are equally acceptable (e.g., Microsoft Sentin