SOC Analyst
Hybrid · Cape Town, Western Cape, South Africa
Job Summary
SOC Analyst (Tier 2) with hands-on threat hunting and incident-response responsibilities across endpoints, networks, and cloud environments. Lead investigations, refine detections (SIEM/IDS/IPS/EDR), analyse logs and traffic to uncover attack techniques, support vulnerability remediation with Engineering, research emerging threats, and contribute to runbooks and playbooks. Open to growing expertise in cloud security and threat intelligence within a governance-focused SOC, delivering data-driven insights and high-quality reports to improve detection and prevention.
Required Qualifications
- 2+ years in a SOC or similar IT security and network operations environment with end-to-end incident investigations
- Hands-on use of Wazuh (or similar SIEM/IDS) for log analysis, detection, correlation, and tuning custom detection rules
- Exposure to endpoint detection and response (EDR) platforms (e.g., SentinelOne) and ability to analyse network traffic for anomalies
- Basic scripting skills (Python, Bash, or PowerShell) to automate investigations
- Experience supporting vulnerability management (e.g., reviewing scan results, remediation collaboration)
- Familiarity with security monitoring practices to support ISO 27001