ENVIRONMENT:

A leading company in mining technology, specializing in advanced analytics and solutions, is seeking a proactive and detail-oriented SOC Analyst to join their Security Operations Centre (SOC) team. The SOC Analyst is responsible for real-time security monitoring, threat detection, incident response and cybersecurity risk management. This role involves analyzing security logs, investigating security incidents and ensuring the organization’s security posture is maintained. The ideal candidate should have a strong understanding of cybersecurity threats, SIEM tools, incident response and network security, along with the ability to identify and respond to evolving cyber threats effectively.

DUTIES:

Security Monitoring & Threat Detection:

  • Continuously monitor security logs and alerts using SIEM (Security Information and Event Management) tools.
  • Analyse network traffic, endpoint activities and system logs for anomalies and suspicious behaviour.
  • Monitor firewalls, IDS/IPS (Intrusion Detection & Prevention Systems) and endpoint security tools.

Incident Response & Investigation:

  • Investigate, analyse and respond to security incidents, breaches and alerts.
  • Perform initial triage, root cause analysis and escalation procedures.
  • Work with IT teams to contain, mitigate and recover from cyber incidents.
  • Document security incidents, findings and response actions for future reference.

Vulnerability Management & Risk Assessment:

  • Conduct regular vulnerability scans to identify and mitigate security risks.
  • Assist in patch management processes to ensure system security.
  • Support IT teams in evaluating security controls and identifying potential gaps.

Security Tools & SIEM Management:

  • Configure and fine-tune SIEM solutions (Splunk, QRadar, ArcSight, etc.) for better threat detection.
  • Assist in the deployment and management of security monitoring tools (IDS/IPS, EDR, Firewalls, etc.).
  • Ensure continuous improvement of security alerts and automation of security processes.

Threat Intelligence & Compliance:

  • Stay updated on emerging cybersecurity threats, malware trends and attack vectors.
  • Assist in threat intelligence analysis and contribute to proactive threat mitigation strategies.
  • Ensure compliance with industry security regulations (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, etc.).
  • Participate in security audits and documentation for regulatory compliance.

Security Awareness & Training:

  • Conduct security awareness training for employees, focusing on phishing, malware and social engineering.
  • Assist in cybersecurity drills, tabletop exercises and penetration testing support.

REQUIREMENTS:

Required:

  • 3-5 years’ experience in SOC operations, cybersecurity monitoring, or IT security.
  • Strong understanding of cybersecurity threats, malware and attack vectors.
  • Hands-on experience with SIEM tools (Splunk, QRadar, ArcSight, etc.).
  • Experience with firewalls, IDS/IPS, endpoint protection and VPN security.
  • Understanding of TCP/IP networking, threat hunting and log analysis.
  • Familiarity with Windows, Linux and cloud security environments (AWS, Azure, Google Cloud).
  • Basic understanding of forensic analysis, threat intelligence and risk assessment.

Preferred Certifications (or equivalents):

  • CompTIA Security+ or CySA+ (Cybersecurity Analyst).
  • Certified Ethical Hacker (CEH).
  • Certified Information Systems Security Professional (CISSP) (Preferred for Senior Roles).
  • GIAC Security Essentials (GSEC) or GIAC Certified Incident Handler (GCIH).
  • ITIL Foundation (For incident management best practices).

Technical Skills & Tools

Security Monitoring & Threat Detection:

  • SIEM platforms: Splunk, QRadar, ArcSight, LogRhythm.
  • Endpoint Security Solutions: CrowdStrike, Microsoft Defender, SentinelOne, Carbon Black.
  • Firewalls & IDS/IPS: Palo Alto, Cisco Firepower, Fortinet, Snort, Suricata.
  • Threat Intelligence Tools: VirusTotal, MITRE ATT&CK, Threat Intelligence Feeds.

Incident Response & Investigation

  • Digital Forensics & Malware Analysis: Autopsy, Volatility, Wireshark.
  • SOC Playbooks & Incident Handling Procedures.
  • Phishing & Social Engineering Analysis.

Network Security & Risk Management

  • Network Traffic Analysis: Wireshark, Zeek (Bro).
  • Penetration Testing & Red Teaming (Basic understanding).
  • Cloud Security Tools: AWS Security Hub, Azure Security Centre, Google Chronicle.

ATTRIBUTES:

  • Analytical & Critical Thinking – Ability to investigate security alerts and identify false positives.
  • Strong Communication & Collaboration – Works well with IT teams, security engineers and leadership.
  • Attention to Detail – Ability to detect subtle security anomalies and trends.
  • Ability to Work Under Pressure – Handles critical security incidents in a fast-paced environment.
  • Problem-Solving Skills – Quickly identifies threats and implements mitigation measures.

While we would really like to respond to every application, should you not be contacted for this position within 10 working days please consider your application unsuccessful.

COMMENTS:

When applying for jobs, ensure that you have the minimum job requirements. Only SA Citizens will be considered for this role. If you are not in the mentioned location of any of the jobs, please note your relocation plans in all applications for jobs and correspondence. Apply here [URL Removed] e-mail a Word copy of your CV to [Email Address Removed] and mention the reference number of the job.

Desired Skills:

  • SOC
  • Analyst
  • Sandton
