Johannesburg: Security Operations Center Specialsit posted by Deka Minas (Pty) Ltd

About the Role

We are seeking a proactive and detail-oriented SOC Specialist to join our Security Operations Centre (SOC) team. The ideal candidate should have a strong understanding of cybersecurity threats, SIEM tools, incident response, and network security, along with the ability to identify and respond to evolving cyber threats effectively.

Key Responsibilities

• Security Monitoring & Threat Detection
• Continuously monitor security logs and alerts using SIEM (Security Information and Event Management) tools.
• Analyse network traffic, endpoint activities and system logs for anomalies and suspicious behaviour.
• Monitor firewalls, IDS/IPS (Intrusion Detection & Prevention Systems) and endpoint security tools.
• Incident Response & Investigation
• Investigate, analyse and respond to security incidents, breaches and alerts.
• Perform initial triage, root cause analysis and escalation procedures.
• Work with IT teams to contain, mitigate and recover from cyber incidents.
• Document security incidents, findings and response actions for future reference.
• Vulnerability Management & Risk Assessment
• Conduct regular vulnerability scans to identify and mitigate security risks.
• Assist in patch management processes to ensure system security.
• Support IT teams in evaluating security controls and identifying potential gaps.
• Security Tools & SIEM Management
• Configure and fine-tune SIEM solutions (Splunk, QRadar, ArcSight, etc.) for better threat detection.
• Assist in the deployment and management of security monitoring tools (IDS/IPS, EDR, Firewalls, etc.).
• Ensure continuous improvement of security alerts and automation of security processes.
• Threat Intelligence & Compliance
• Stay updated on emerging cybersecurity threats, malware trends and attack vectors.
• Assist in threat intelligence analysis and contribute to proactive threat mitigation strategies.
• Ensure compliance with industry security regulations (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, etc.).
• Participate in security audits and documentation for regulatory compliance.
• Security Awareness & Training
• Conduct security awareness training for employees, focusing on phishing, malware and social engineering.
• Assist in cybersecurity drills, tabletop exercises and penetration testing support.

Requirements

• 3-5 years of experience in SOC operations, cybersecurity monitoring, or IT security.
• Strong understanding of cybersecurity threats, malware, and attack vectors.
• Hands-on experience with SIEM tools (Splunk, QRadar, ArcSight, etc.).
• Experience with firewalls, IDS/IPS, endpoint protection, and VPN security.
• Understanding of TCP/IP networking, threat hunting, and log analysis.
• Familiarity with Windows, Linux, and cloud security environments (AWS, Azure, Google Cloud).

Qualifications

No formal education or certifications are required for this role.