Senior SOC Engineer

  • Sandton, South Africa
  • Full-Time
  • On-Site
Apply now Refer
Job Description:

Senior SOC Engineer (Security Operations Centre Engineer)

Join a team of information security professionals with strong technical expertise and experience in addressing evolving cyber threats. The team focuses on understanding complex security challenges and delivering clear, practical, and actionable solutions to protect organisational data.

Our client is search for a SOC Engineer who will be responsible for designing, implementing, and optimising SOC platforms and security monitoring capabilities. The role focuses on SIEM administration, detection engineering, automation, and platform integration to ensure effective threat detection and response across client environments.

Minimum Requirements

  • IT/Cybersecurity qualification (Degree/Diploma)
  • 5 years + in SOC, SIEM, or security engineering
  • Experience with SIEM, EDR/XDR, SOAR, and cloud security
  • Scripting/automation experience advantageous
  • Certifications (e.g., Security+, CySA+, SC-200, CEH) preferred

Key Responsibilities

SIEM & Platform Management

  • Configure and maintain SIEM and security monitoring tools
  • Onboard and normalise log sources across environments
  • Ensure platform performance, data integrity, and issue resolution

Detection Engineering

  • Develop and tune detection rules and alerts
  • Align detections with MITRE ATT&CK and threat intelligence
  • Improve accuracy and reduce false positives

Automation & SOAR

  • Build automated response playbooks and workflows
  • Integrate platforms to improve SOC efficiency
  • Drive automation of repetitive tasks

Platform Integration

  • Integrate SIEM, EDR/XDR, cloud, and network security tools
  • Enhance visibility and telemetry across environments
  • Support secure configurations and proof-of-concepts

Operational Support

  • Support Tier 2/3 investigations and incident response
  • Participate in threat hunting and security initiatives
  • Assist with client onboarding

Information Security

  • Align activities to ISMS, ISO 27001, NIST, and CIS frameworks
  • Maintain confidentiality, integrity, and availability of data
  • Support audits and compliance activities

Technical Environment:

  • SIEM, EDR/XDR, IDS/IPS, Firewalls, WAF, Threat Intelligence
  • Cloud security: Azure, AWS, GCP
  • Systems: Windows Server, Linux, Active Directory, Entra ID
  • Scripting: PowerShell, Python, Bash, REST APIs - Advantageous

Qualifications & Certifications:

  • IT/Cybersecurity qualification (Degree/Diploma)
  • Certifications (e.g., Security+, CySA+, SC-200, CEH) preferred