Our client, a supply chain intelligence company specializing in automation and analytics solutions to optimise mining operations, is seeking a proactive and detail-oriented SOC Analyst to join their Security Operations Centre (SOC) team in Lonehill, Sandton. The SOC Analyst will be responsible for real-time security monitoring, threat detection, incident response and cybersecurity risk management, including analysing security logs, investigating security incidents and ensuring the organisation’s security posture is maintained. The ideal candidate should have a strong understanding of cybersecurity threats, SIEM tools, incident response and network security, along with the ability to identify and respond to evolving cyber threats effectively.
Please Note: This is a 24×7 Security Operations (Rotational Shifts and standby may apply).
Minimum Requirements:
- 3-5 years’ experience in SOC operations, cybersecurity monitoring, or IT security.
- Strong understanding of cybersecurity threats, malware and attack vectors.
- Hands-on experience with SIEM tools (Splunk, QRadar, ArcSight, etc.).
- Experience with firewalls, IDS/IPS, endpoint protection and VPN security.
- Understanding of TCP/IP networking, threat hunting and log analysis.
- Familiarity with Windows, Linux and cloud security environments (AWS, Azure, Google Cloud).
- Basic understanding of forensic analysis, threat intelligence and risk assessment.
Preferred Certifications / equivalent:
- CompTIA Security+ or CySA+ (Cybersecurity Analyst).
- Certified Ethical Hacker (CEH).
- Certified Information Systems Security Professional (CISSP) (Preferred for Senior Roles).
- GIAC Security Essentials (GSEC) or GIAC Certified Incident Handler (GCIH).
- ITIL Foundation (For incident management best practices).
Technical Skills & Tools:
Security Monitoring & Threat Detection:
- SIEM platforms: Splunk, QRadar, ArcSight, LogRhythm.
- Endpoint Security Solutions: CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black.
- Firewalls & IDS/IPS: Palo Alto, Cisco Firepower, Fortinet, Snort, Suricata.
- Threat Intelligence Tools: VirusTotal, MITRE ATT&CK, Threat Intelligence Feeds.
Incident Response & Investigation:
- Digital Forensics & Malware Analysis: Autopsy, Volatility, Wireshark.
- SOC Playbooks & Incident Handling Procedures.
- Phishing & Social Engineering Analysis.
Network Security & Risk Management:
- Network Traffic Analysis: Wireshark, Zeek (Bro).
- Penetration Testing & Red Teaming (Basic understanding).
- Cloud Security Tools: AWS Security Hub, Azure Security Centre, Google Chronicle.
Desired Skills:
- SOC
- Security
- Malware
- SIEM
- Splunk
- QRadar
- IT Security
- Cyber Security
- ArcSight
- Firewall
Desired Work Experience:
- 2 to 5 years
Desired Qualification Level:
- Certificate