Back to jobs

SOC Senior Analyst

Cape Town

WHO WE ARE 

S-RM is a global intelligence and cyber security consultancy.  Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.   

 

We’ve been able to do this because of our outstanding people.  We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.   

 

But we also know that work isn’t everything. It’s about the lives and careers it helps us build.  We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day. 

 

We’re excited you’re thinking about joining us. 

WORKING IN CYBER AT S-RM 

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Ethical Hacking, and Incident Response practices are in more demand than ever.  

 

We’re building a team to meet this challenge.  We’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy.  If your ideas are good enough, we’ll empower you to implement them.  If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back. 

 

We also don’t believe there’s a typical cyber security professional.  We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more.  You’ll always find a range of perspectives and expertise to help you learn and grow.  

 

If that sounds like your kind of team, we’d like to hear from you. 

 

 

 

 

 

 

 

THE ROLE 

Our Security Operations Centre is a critical part of our Cybersecurity division’s success.  

 

As a Senior Analyst (SOC), you will deploy your cybersecurity expertise in a vital delivery role across our managed detection and response services.   

 

In this role, you will exploit infrastructure and tools that power our Security Operations Center (SOC) to deliver desired security outcomes for our managed services clients. The ideal candidate will be highly proficient in using security platforms such as SIEM, SOAR, EDR, and other advanced security technologies. You will have experience leading other analysts or sub-teams in a SOC environment and be comfortable acting as a point of escalation. As a senior analyst, you will be responsible for high-level incident management, process improvement, and mentoring junior analysts. This hybrid role involves both remote work and some in-office presence for collaboration, teamwork and development projects.  

 

Delivery 

  • Lead Security Operations: Oversee day-to-day SOC team activities, ensuring efficient monitoring, detection, and response to security threats across the organization. 
  • Incident Response: Lead and coordinate responses to high-severity security incidents, conducting in-depth analysis, containment, and remediation as required. 
  • Team Leadership: Provide guidance and mentorship to junior SOC analysts, fostering skill development and ensuring adherence to security best practices. 
  • Threat Hunting: Conduct proactive threat hunting exercises, using EDR, CTI and other cybersecurity tools to uncover hidden threats. 
  • Threat Intelligence: Stay up-to-date on the latest cybersecurity threats, vulnerabilities, and attack techniques, and integrate threat intelligence into detection and response efforts. 
  • Incident Reporting and Documentation: Ensure all incidents are thoroughly documented, including timelines, analysis, mitigation steps, and lessons learned, and deliver regular reports to stakeholders. 
  • Participation in an OOH On-Call Rota: 2 weeks in every 4 initially. 

Growth of the service 

  • Optimise Detection Rules: Enhance detection capabilities by fine-tuning rules and automating responses within our EDR and SIEM. 
  • Continuous Improvement: Collaborate with the SOC Manager to develop and implement SOC strategies, improve processes, and introduce new technologies to strengthen security posture. 
  • Collaboration: Collaborate with SOC analysts, security engineers, and IT teams to ensure seamless operation of security tools and alignment with broader cybersecurity practices. 
  • Security Enhancements: Identify areas for improvement in security monitoring and response capabilities, proposing and assist with implementing new solutions where appropriate. 
  • Technology Management: Work with our technical team on the wider technology roadmap and with vendors to assess new tools and services and stay up to date on the latest capabilities. 
  • Training and Mentoring Staff: Be a source of advice and knowledge to enhance the technical and professional skills of SOC team members. 
  • Collaborating with Global Teams: Work closely with other cyber security teams to ensure seamless integration of SOC operations with our broader cybersecurity initiatives and business units especially Incident Response. 
  • Contributing to Internal Technical Development Initiatives: When the schedule allows, you will have opportunities to participate in and contribute to internal technical development initiatives, enhancing our tools, processes, and overall incident response capabilities. 

WHAT WE’RE LOOKING FOR 

Candidates with the following qualifications and experience are likely to succeed in our Managed Services practice at S-RM.   

 

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others. 

 

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives. 

 

We’re looking for: 

 

  • Qualifications: A Bachelors or Masters degree in a relevant subject, for example cybersecurity, computer science; relevant industry certifications are advantageous, including any of the following: CISSP, CISM, GCFA, GSOC, GREM, GCWN, GCED, CCNA, OSCP, Network+ and Security+ 
  • Experience: 3+ years of experience in a SOC or cybersecurity operations role, with demonstrated team leadership / supervisory experience. 
  • Technical Expertise: Strong understanding of EDR and Secops toolsets ideally SentinelOne and Microsoft Defender for Endpoint, with experience configuring and leveraging these tools for incident detection and response. 
  • Incident Response Proven ability to lead incident response efforts, including point of entry, malware analysis, threat actor investigations, and root cause analysis. 
  • Leadership:  Experience mentoring junior SOC analysts, with good communication and team-building skills. 
  • Approach: An investigative mindsetYou should be comfortable solving problems with limited information and guidance. 
  • Threat intelligence: Some demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.  
  • Threat Detection: Understanding of security monitoring, threat detection techniques, and the ability to tune detection systems for optimal performance. 
  • Communication: Clear and concise communication skills, with the ability to work effectively across teams; you should be able to communicate your technical findings for a non-technical audience in a professional setting.  Able to vet and quality assure incident reports and summaries. 

The successful candidate must have permission to work in South Africa by the start of their employment. 

To apply for this role, please submit an up-to-date CV through this link: Job Application for SOC Senior Analyst at S-RM

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf