Level 2 Security Operations Center (SOC) Analyst, (Johannesburg, Gauteng) – Permanent

We are seeking a skilled and motivated Level 2 Security Operations Center (SOC) Analyst with a strong focus on Microsoft Sentinel. As a member of our security team, you will be responsible for analysing, investigating, and responding to security incidents and alerts, with a particular emphasis on leveraging Microsoft Sentinel for threat detection and response.

This role requires a deep understanding of cybersecurity principles, incident response methodologies, and experience in working with security information and event management (SIEM) tools, particularly Microsoft Sentinel.

Key Responsibilities:

  • Monitor and analyse security events and alerts in Microsoft Sentinel, proactively identifying potential security incidents and threats.
  • Investigate and triage security incidents to determine their severity, impact, and root cause.
  • Conduct in-depth analysis of security events, logs, and network traffic to identify indicators of compromise (IOCs) and potential threats.
  • Develop and maintain standard operating procedures (SOPs) and playbooks for security incident response in collaboration with the SOC team.
  • Collaborate with cross-functional teams, including threat intelligence, network security, and incident response, to develop and implement effective security measures and controls.
  • Provide timely and accurate reports on security incidents, including the analysis of trends and patterns, to management and relevant stakeholders.
  • Participate in the continuous improvement of security monitoring and response processes, suggesting enhancements and implementing best practices.
  • Stay updated on the latest cybersecurity threats, vulnerabilities, and industry trends, and apply this knowledge to enhance security monitoring capabilities.
  • Assist in the training and mentorship of Level 1 SOC analysts, sharing knowledge and expertise in Microsoft Sentinel and other relevant security technologies.
  • Support incident response activities, including containment, eradication, and recovery, as needed.

Essential Competencies:

  • Strong experience in security operations and/or incident response.
  • Solid understanding of cybersecurity principles, attack vectors, and common security threats.
  • Proficiency in working with Microsoft Sentinel, including advanced querying, rule creation, and playbook development.
  • Familiarity with security information and event management (SIEM) tools and technologies.
  • Experience with log analysis, network traffic analysis, and host-based forensics.
  • Knowledge of industry frameworks and standards, such as NIST Cybersecurity Framework or MITRE ATT&CK.
  • Excellent analytical and problem-solving skills, with the ability to think critically and make decisions under pressure.
  • Strong communication and collaboration skills, with the ability to effectively interact with cross-functional teams and stakeholders.
  • Relevant certifications, such as CompTIA Security+, Microsoft SC-200, eJPT, PNPT, OSCP, SOC-200, BTLO-1.

Location & Type (e.g. Remote/Hybrid):

  • Johannesburg, Gauteng (Hybrid)

Minimum Requirements:

  • 3+ years of experience working in a security role (Microsoft Security experience beneficial).

Do you have what it takes? Contact Kivara Rajgopal on [Email Address Removed] or [Phone Number Removed].

Desired Skills:

  • SOC
  • Microsoft
  • Sentinel
  • Cybersecurity
  • SIEM

Desired Qualification Level:

  • Diploma