Junior SOC Analyst

  • Sandton, South Africa
  • Full-Time
  • On-Site
Apply now Refer
Job Description:

SOC Analyst

Reports To: SOC Manager
Location: Paulshof, Johannesburg (On-site)

Job Summary

The SOC Analyst is responsible for monitoring, investigating, and responding to cybersecurity incidents across client environments. This role supports Cyber Resilience's 24/7 Security Operations Centre through threat detection, incident analysis, threat hunting, and response coordination using SIEM, EDR/XDR, and threat intelligence platforms.

Key Responsibilities

Incident Detection & Investigation

  • Investigate and analyse security alerts, events, and incidents across endpoint, network, cloud, and identity environments.
  • Correlate events, validate incidents, and determine appropriate response actions.
  • Maintain accurate investigation records and case documentation.

Threat Hunting & Response

  • Conduct proactive threat hunting aligned to MITRE ATT&CK methodologies.
  • Identify indicators of compromise (IOCs), emerging threats, and attack patterns.
  • Coordinate containment and remediation activities with client IT and security teams.
  • Participate in incident response engagements and post-incident reviews.

Monitoring & Continuous Improvement

  • Review and improve detection effectiveness and alert accuracy.
  • Support development and tuning of detection rules and use cases.
  • Collaborate with SOC and Detection Engineering teams to enhance security monitoring capabilities.

Reporting & Communication

  • Prepare investigation reports and communicate incident status, risks, and recommendations.
  • Participate in shift handovers, operational reviews, and escalation management.
  • Ensure compliance with service levels and reporting requirements.

Information Security Responsibilities

  • Adhere to Cyber Resilience security policies and ISMS requirements.
  • Safeguard client and organisational information.
  • Support audit, compliance, and continuous improvement initiatives.

Requirements

  • Degree, Diploma, or equivalent qualification in IT, Cybersecurity, or a related field.
  • Minimum 3 years' experience in a SOC or cybersecurity operations role.
  • Hands-on experience with SIEM, EDR/XDR, threat intelligence, and incident response processes.
  • Strong understanding of MITRE ATT&CK, threat investigation techniques, and modern cyber threats.
  • Relevant certifications such as Security+, CySA+, CEH, SC-200, or equivalent are advantageous.