Posted on: 20 November 2023
ID 893030

SoC Analyst

Role purpose: This is a hybrid role for Managed Services/Professional Services in the Security Team. We are looking for someone who is a subject matter expert in Security Incident Response and Incident Management, with technical knowledge of security technologies (especially the Microsoft Security Suite, Sentinel and Intune) and patching. The Security Operations Analyst plays a vital role in the Cyber Security Team, contributing to the organization's overall cybersecurity posture by actively participating in the monitoring, analysis, and response to security incidents and events. With a focus on continuous learning and collaboration, the Security Operations Analyst supports the Cyber Team in identifying, assessing, and mitigating potential security threats and vulnerabilities. Through the application of foundational technical skills and a strong dedication to detail-oriented analysis, the SOC Analyst assists in safeguarding the organization's critical systems, data, and assets from cyber risks. By working closely with other team members and leveraging emerging technologies, the Security Operations Analyst helps maintain a vigilant and proactive defence against evolving cyber threats, enabling the organization to operate securely and with confidence. This is a hands-on role and requires a high level of technical ability across a variety of systems. You will have experience working in a cyber security role, with analysis and problem-solving skills. You will need to be personable and deliver outstanding customer service to our clients.

Requirements

Duties and Responsibilities:
  • Conduct the daily operations of the internal Cyber Security Team, including incident monitoring, analysis, and response.
  • Monitor security events and alerts using Microsoft Defender, Microsoft Sentinel and other security technologies.
  • Support major incident response efforts and lead on incident response efforts, including containment, investigation, analysis, and reporting of security incidents.
  • Conduct post-incident analysis and recommend improvements to enhance the department's overall security posture.
  • Collaborate with our SOC service management supplier to ensure the timely resolution of security issues; develop alerting and playbooks for services; work with IT engineers to ensure the proper configuration and management of security monitoring tools and technologies; and work with cross-functional teams to develop and improve incident response plans, playbooks, and standard operating procedures (SOPs).
  • Analyse security incidents, conduct investigations, and determine the root cause of security breaches or anomalies and respond to security incidents, including containment, mitigation, and recovery actions, ensuring minimal impact on operations.
  • Stay up to date with the latest security threats, vulnerabilities, and industry trends, sharing knowledge and insights with the team.
  • Perform security log analysis, event correlation, and threat intelligence research to proactively identify potential security risks.
  • Assist in the review of the configuration of security technologies like Defender, Mimecast, Proofpoint and Umbrella.

Essential Skills required: To be knowledgeable and able to demonstrate in-depth technical understanding across several of the technologies/areas below:
  • Hands-on experience with incident response and forensics tools, techniques, and methodology.
  • Experience as a SOC analyst in an enterprise organisation.
  • Strong knowledge of cyber security principles, frameworks, and best practices.
  • In-depth understanding of security technologies, especially Microsoft Defender, Microsoft Sentinel, Mimecast, Proofpoint, Umbrella.
  • Ability to analyse and interpret security logs, event data, and alerts to identify potential threats.
  • Proven experience in a cybersecurity role, with a focus on security operations and incident response.
  • Understanding of cybersecurity principles, frameworks, and best practices.
  • Knowledge of network protocols, traffic analysis, and cyber-attack methodologies.
  • Familiarity with incident response processes, methodologies, and tools.
  • Strong problem-solving and analytical skills, with the ability to investigate and resolve security incidents effectively.
  • Security certifications: CompTIA Security+ or CySA+ certified (or similar).

Desired Vendor Knowledge/Awareness (not all of the below expected):
  • Microsoft Defender
  • Microsoft Sentinel
  • Email Security tooling:
      • O365
      • Mimecast
      • Proofpoint

Key Competences required for the role:
  • Interpersonal Skills & Communication
  • Decision Making & Judgment
  • Continuous Improvement
  • Planning & Organizing
  • Passionate
  • Commercial Awareness
Benefits: Market Related

Occupation:
IT, computing jobs

