
SOC Analyst
Posted May 20
This is a fully remote position, open to applicants in South Africa.
• **Responsibilities:**
• Manage the monitoring of security events and the incident response ticket queues, triaging as necessary to adhere to established service level agreements.
• Promptly route cybersecurity tickets to the appropriate client or internal contact.
• Clearly communicate indicators of compromise, isolation measures, and remediation actions.
• Analyze and interpret logs from systems, security, and applications to diagnose issues, identify abnormal behaviors, and eliminate false positives.
• Use Endpoint Detection and Response (EDR) tools effectively to investigate alerts and anomalies and to build accurate timelines of potential compromises.
• Adhere to established procedures for investigating, escalating, containing, or eliminating malicious activities.
• Prepare and deliver both written and verbal reports to clients, team members, and management, consolidating and conveying security information and metrics.
• Provide insights and suggestions for enhancing internal processes and procedures associated with SOC responsibilities.
• Engage in threat-hunting initiatives and other special projects as needed.
• Understand and follow our set of standards and processes that ensure predictable results for the client, and remain aware of and compliant with those standards as they evolve.
• **Additional Responsibilities:**
• Maintain precise and up-to-date timesheets, documenting thorough notes on troubleshooting and client communications.
• Receive guidance and feedback from peers and other colleagues.
• When necessary, escalate complex issues to a more senior resource or other relevant teams.
• Review tickets in collaboration with the manager.
• Actively engage in Team Huddles, L10 Meetings, One-on-One Meetings, and other team gatherings.
• Generate and update documentation when changes occur or new findings are made.
• Attend monthly training and team meetings as required.
• Perform additional duties as necessary.
• **Qualifications:**
• A minimum of two years of experience in Information Security or related fields.
• Two or more current security-related industry certifications.
• Proficiency with SIEM platforms, firewall management, and endpoint detection and response platforms.
• At least one year of experience with EDR solutions, ESGs, vulnerability management, and content filtering.
• Strong problem-solving and decision-making abilities; capacity to understand and analyze complex issues.
• Self-driven, detail-oriented, highly organized, and capable of managing diverse tasks and responsibilities efficiently and with high quality.
• One of the following certifications is preferred: CompTIA Security+, CompTIA CySA+, CCNA, C|EH, SSCP, or an equivalent certification.
• **Benefits:**
• Competitive salary and performance-based bonuses.
• Opportunities for professional development and certifications.
• Flexible work hours and remote work options.
• Comprehensive health, dental, and vision insurance.
• Paid time off and holiday leave.