Description:
Build, configure, and maintain SOC tooling including SIEM, SOAR, EDR, and logging pipelines
Integrate new data sources and ensure clean, enriched, and complete log ingestion
Develop automation workflows that improve detection and response efficiency
Collaborate with SOC Analysts to improve detection quality, use cases, and dashboards
Enhance threat detection rules, correlation logic, and real-time monitoring capabilities
Support incident response teams with deep technical insights
Continuously improve the overall maturity of the SOC environment
What You Bring (your cyber flavour)
Degree in Cyber Security, Computer Science or Network Engineering.
Minimum 2 to 5+ years in a SOC Engineer, Detection Engineer or similar security engineering role.
Experience with one or more SIEMs (Microsoft Sentinel (formerly Azure Sentinel), Splunk, QRadar, Elastic, etc.).
Strong skills in log ingestion, parsing, enrichment, and correlation.
Scripting ability in Python, PowerShell, or Bash (automation = life).
Solid understanding of networking, threat detection, and security fundamentals.
Experience with EDR/XDR platforms (CrowdStrike, Defender, SentinelOne, etc.).
Bonus: Knowledge of MITRE ATT&CK, cloud security (AWS/Azure), or threat hunting.
Certifications That Impress (nice to have):
Microsoft SC-200 / SC-300
CompTIA CySA+ / Security+
Splunk Core / Enterprise Certified
Azure / AWS Cloud Certifications
Contact Penny Janse Van Rensburg on
12 Dec 2025; from: gumtree.co.za