Senior Specialist: Cybersecurity Analyst
4 weeks ago
**ROLE PURPOSE**
As part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide guidance to SOC Analysts. By leveraging threat intelligence and conducting in-depth analysis, the Cybersecurity Analyst identifies the scope of attacks, impacted systems, and potential perpetrators. The Cybersecurity Analyst ensures shift-related metrics are monitored, offers recommendations, and advises on containment and recovery steps. The Cybersecurity Analyst documents incidents, updates relevant documentation, and supports the development of analytic methods for threat detection.
He/She should ideally have advanced security incident handling analysis experience in an established SOC environment and contribute to risk management, lead Blue Team exercises, mentor junior analysts, and develop playbooks for incident scenarios. The Cybersecurity Analyst monitors network traffic, investigates incidents, and collaborates with the SOC team to respond to threats or intrusions.
**ROLE REQUIREMENT**
- Is familiar with the tactical and long-term vision across the Cyber Security function.
- Adheres to the standard operating procedure and playbooks in the SOC.
- Impacts on Customer satisfaction and confidence in the SOC Service and service level performance.
- Provides security incident handling and technical guidance to SOC Teams.
- Gives regular, comprehensive, and constructive feedback, and coaching and mentoring to the team.
- Mentor junior analysts to enhance their effectiveness in their roles.
- Delegates work to team members taking into account their capacity, level of skill, and exposure to different types of work and complexity; provides clear instructions and direction, with reasonable deadlines.
- Validate and declare security incidents based on incident handling methodologies.
- Confirm severity levels (S0 to S4) using SLA severity classification.
- Provide guidance and support to SOC Analysts during incident response.
- Utilize threat intelligence, updated rules, and IOCs to identify affected systems and the extent of attacks.
- Conduct in-depth threat intelligence analysis to uncover attack types, data/systems impacted, and potential perpetrators.
- Monitor shift-related metrics and gather applicable reporting for the SOC Team Lead and SOC Manager.
- Make recommendations to SOC Team Lead and SOC Manager regarding additional analysis and required remediation.
- Determine the impact on critical systems or data sets and advise on remediation steps.
- Validate false positives, policy violations, intrusion attempts, security threats, and potential compromises.
- Suggest containment and recovery steps based on analysis findings.
- Document workload and output from each shift for service performance measurement.
- Formally document learnings and update relevant documentation such as shift logs and tickets.
- Provide support for analytic methods to detect threats and conduct further triage based on defined run books.
- Consolidate data through alert triage, providing necessary context before escalating to Operations and Security Engineering Teams for deeper analysis.
- Manage security events, incidents, and service requests via the ticketing systems.
- Identify alarms by intent and method, including reconnaissance, system compromises, and ingested log sources:
  - Firewalls and network devices
  - Infrastructure server and end-user systems
  - Threat intelligence platforms
  - Cloud and hybrid-IT provisioning, access, and infrastructure systems (Amazon Web Services)
  - Antivirus systems
  - Intrusion detection and prevention systems
  - Similar-in-scope source systems
- Validate and update initial tickets in the SIEM platform and Service Desk.
- Monitor event queues, investigate potential incidents, and escalate or close events as necessary.
- Validate investigation results and pass relevant details to the SOC Team Lead.
- Assess security controls based on cybersecurity principles and frameworks (e.g., CIS CSC, NIST SP 800-53).
- Analyze network traffic, characterize threats, and coordinate with cyber defense staff for validation.
- Document and escalate incidents, perform trend analysis, and report findings.
- Review security architecture, identify gaps, and recommend risk mitigation strategies.
- Plan and recommend modifications based on exercise results or system environment.
- Perform daily summary reports of network events and activity relevant to cyber defense practices.
- Provide timely detection, identification, and alerting of possible attacks, intrusions, and anomalous activities.
- Utilize cyber defense tools for monitoring and analyzing system activity, identifying and analyzing malicious behavior.
- Conduct analysis of network traffic, including net