T1 Security Analyst

A company providing secure cloud transformation by combining Microsoft cloud technology with cyber security, and managed services is looking for a T1 Security Analyst in Cape Town.

This role will support the Tier 2 & Tier 3 Security Analysts in developing SOC & SOAR functions within the business, working closely with other teams as required to build services and solutions in accordance with both security good practice and client assurance requirements, including (but not limited to) Cyber Essentials and ISO27001.

You will be required to assist with support activities, working with members of the Security Operations team to ensure all SOC & SOAR operational tasks are completed on time and work tickets updated / closed with satisfactory technical details included, and where appropriate escalate suspicious / malicious events to senior team members or client incident response personnel in order to identify, contain and remediate active threats. You will also be required to maintain operational documentation, as necessary.

Tier 1 Security Analysts will be comfortable engaging at both technical and non-technical levels, participating as required in technical workshops. You will be working in an incredibly passionate environment, with great people in which you can actively contribute to develop and deliver our SOC & SOAR capability.

Location: Hybrid, Cape Town, South Africa

This is a shift role - 12-hour shifts with a 4-day on, 4-day off roster.

**DUTIES & RESPONSIBILITIES, NOT LIMITED TO**:
Strategy and Leadership:

- Tier 1 Security Analysts capable of maintaining performance within the Security Operations function.
- Provide information and support contribution on security matters as an Analyst within the Security Operations team.
- Participate in technical workshops and networking events.

Technical Specialism:

- Ability to understand and support the provision of security offerings such as Cyber Essentials, ISO27001 consultancy.
- Ability to support the provision of appropriate and proportionate assurance relating to Security Operations managed services.
- Ability to communicate in both technical and non-technical terms, tailoring approach to the audience.
- Self-motivated learner of technologies and methodologies to support best practice.
- Actively contributing to knowledge sharing across the business.

Security Operations:

- Gather information to contribute towards major incident handling within the SOC, and where applicable for clients
- Undertake monitoring activities
- Provide “hands on” resource, working to ensure objectives and client SLA targets are achieved.
- Provide input and assistance for stakeholder communication.
- Assist with the implementation of improvements as part of on-going service enhancement or “lessons learned” following incident investigation (cause and affect).
- Assist in the review of incident closures, post incident reports and act upon improvements identified
- Contribute to team development through knowledge sharing, briefing and production of guides, incident scenarios and playbooks.
- Maintain currency in relation to security concepts, tools and best practices
- Willingness to work on-call or shifts (including unsociable hours and bank holidays) as part of 24x7 team working

Business Operations:

- Ability to work effectively with internal systems such as Kimble, Teams, SharePoint and Office365.
- Effective personal resource and time management with a commercial approach to work.

Delivery and KPIs:

- Contribute to the full lifecycle of client solutions and service offerings, from proposition through to delivery and support.
- Communicate technical solutions in a clear, and concise approach for a variety of audiences from both a technical and business background.
- Contribute to well written and professional documentation, performance and client reports.
- Assist the Tier 2 & 3 Security Analysts and Head of Security Operations in development of new service offerings, procedures, techniques, and policies.
- Promoting and practicing high quality outcomes across all aspects of work.

**REQUIREMENTS**
- ITIL V3
- CompTIA Security (or equivalent)
- CompTIA Network (or equivalent)
- EC SOC Analyst or equivalent

Essential
- Demonstrable experience of operating within a security operations function.
- Strong IT Security knowledge, understanding the balance of business objectives and information security.
- A technical understanding of the security components and their impact.
- Good working knowledge of multiple SOC tooling including SIEM / SOAR
- Good understanding of network methodologies and OSI Model layers.
- Good understanding of network technologies, Routers, Switches, Firewalls, ID/IPS, WAF & Proxy’s etc.
- Experience of working at technical levels within a SOC service.
- Demonstrable ability to troubleshoot and fault find technical issues.
- Knowledge of Cyber Essentials and ISO27001:2013 standards
- Good communication and report writing skills.
- Knowled