SOC Analyst

**SOC Analyst (cybersecurity) (mid & senior level)**
- **We do have a great company culture with a hybrid / remote work policy**_

The Nclose MDR (Managed, Detection & Response) Team is growing at a rapid rate and we are looking to add some more awesome, **experienced **team players This is to build our mid and senior level to assist with the juniors and Interns as well as help with the more complex scenarios experienced.

This position is suitable for the individual that wants to further their career in cyber security and contribute positively to the **BLUE TEAM** side of cybersecurity.

**Required Experience**
- **At least 3 - 5+ years of cyber security experience working in a technical environment.**:

- BSc in Computer Science or any IT diploma/degree (beneficial)
- Preferred Technology experience: Splunk; Qradar; Elastic stack or other SIEM technology
- Experience working in a SOC / CSIRT or equivalent.
- Demonstrable networking experience, including assessing suspicious network activity.
- CySA+/PenTest+/Elearn Security Certificates/Blue Team Certificates (beneficial)
- Strong understanding of the attack chain and critical incidents (DFIR Reports)
- Some red teaming experience (beneficial) - purely for understanding and dealing with blue team incidents.
- Incident Response investigation experience
- Some experience with creating rules for detection.
- Thorough knowledge of common OS’s.
- Understanding of malware capabilities, attack vectors, propagation and impact
- Incident management and escalation process
- Excellent written and verbal communication skills
- Experience implementing leading best practice procedures (advantageous)
- Strong analytical skills with the ability to assess cyber risks.
- Excellent IT literacy (hardware and software), a passion and curiosity for IT and cybersecurity topics, and the desire to learn and build their career with us.
- Detail-oriented, process-oriented, and thorough
- Flexible and open to change and dynamic responsibilities.
- Willingness to work in a team environment to improve efficiencies and solve problems as a team.
- Have a broad understanding of IT systems in general. Any specialisations will be beneficial.

**What you will be doing**:

- Investigate incidents to determine if they are false positives or if they require in-depth investigation.
- Investigate cases to root cause. Where required escalate or liaise with team members to assist in determining outcome. Communication to clients is key to ensure that cases can be closed with success.
- Review, document and refine response procedure for alerts to ensure it is as effective as possible.
- Develop, analyse, and report on alerts and their effectiveness. Work with detection teams to fine-tune detectors to make them less likely to create false positives.
- Work with detection and infrastructure teams to optimise response workflow through automation, orchestration or using other innovative methods.
- Monitoring alert queues, responding to security alerts and incidents.
- Manage cybersecurity incidents through to resolution.
- Help drive forward good conduct for the business to deliver the best outcomes for customers / stakeholders.
- While investigating incidents, identify weaknesses in clients defences to help drive continuous improvement.

**To apply, please send your motivation and detailed CV to**

**Job Types**: Full-time, Permanent

**Salary**: From R30 000,00 per month