Johannesburg North: Security Analyst posted by Network Finance

You will play a key role in monitoring security events, responding to incidents, improving the organisation’s security posture, and ensuring compliance across both cloud and on-prem environments.

Key Responsibilities:

• Security Monitoring & Incident Response:
  • Monitor, triage, and investigate security alerts using Microsoft Sentinel (SIEM/SOAR)
  • Respond to incidents, including malware, phishing, identity compromise, and data exfiltration
  • Perform root cause analysis and produce detailed incident reports
  • Develop and tune analytics rules, dashboards, and automation workflows
• Microsoft Defender Security Operations:
  • Manage and operate Microsoft Defender (Endpoint, Identity, Cloud Apps, and Office 365)
  • Investigate advanced threats using Defender XDR
  • Improve detection accuracy and reduce false positives
  • Collaborate with IT teams to remediate vulnerabilities
• Cloud & Identity Security (Azure):
  • Secure Azure workloads, identities, and networks
  • Support Zero Trust security principles
  • Implement and manage RBAC, conditional access, and MFA
  • Analyse logs and telemetry across Azure environments
• Network Security:
  • Manage and monitor Fortinet solutions (FortiGate, FortiAnalyzer, and FortiManager)
  • Investigate network threats and suspicious traffic
  • Support firewall rules, segmentation, VPNs, and IDS/IPS tuning
  • Integrate network logs into Microsoft Sentinel
• Security Playbooks & Automation:
  • Develop and maintain incident response playbooks
  • Align playbooks with compliance standards and MITRE ATT&CK
  • Continuously improve processes through testing and simulations
  • Maintain clear and auditable documentation
• Vulnerability Management:
  • Support the full vulnerability lifecycle (discovery to remediation)
  • Work with Microsoft Defender Vulnerability Management and other tools
  • Track remediation progress and report on risk reduction
  • Partner with technical teams to close security gaps
• Data Protection & Compliance:
  • Support Microsoft Purview (DLP, sensitivity labels, and compliance reporting)
  • Monitor and respond to DLP alerts
  • Assist with compliance initiatives (POPIA, ISO 27001, and GDPR)
• Continuous Improvement:
  • Contribute to security policies and standards
  • Collaborate across infrastructure, cloud, and development teams
  • Stay up to date with emerging threats and Microsoft security technologies

 
Requirements:

• Technical Skills (Essential):
  • Hands-on experience with Microsoft Sentinel
  • Strong experience with Microsoft Defender suite
  • Solid knowledge of Microsoft Azure (IAM, networking, and security controls)
  • Experience with Microsoft Purview
  • Understanding of SIEM/SOAR, MITRE ATT&CK, IAM, and cloud security principles
• Experience:
  • 4+ years in a Security Analyst / SOC / Cybersecurity role
  • Experience securing Microsoft 365 and Azure environments
  • Proven incident response and threat investigation experience
• Certifications (Advantageous):
  • CompTIA Security+, CISSP, or equivalent
  • Microsoft SC-200 (Security Operations Analyst)
  • Microsoft AZ-500 (Azure Security Engineer)
  • Microsoft SC-400 (Information Protection Administrator)

 
Why Join Us?:

• Work with cutting-edge Microsoft security technologies
• Be part of a collaborative and forward-thinking security team
• Opportunity to grow your cybersecurity career in a dynamic environment
• Exposure to enterprise-scale cloud and security operations

Don’t miss out on this opportunity, apply today.