L2 SOC/Security Analyst
Apex Group
- Cape Town, Western Cape
- Permanent
- Full-time
- Correlating data from various sources to assess the impact on critical systems or data sets.
- Providing guidance on remediation and supporting the development of new analytic methods for threat detection.
- Applying emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and determine the scope of the attack.
- Reviewing and collecting asset data (configurations, running processes, etc.) on affected systems for further analysis.
- Performing advanced management and configuration of security monitoring tools (WSG, ESG, CASB, DLP, IDPS, SIEM correlation rules and queries, vulnerability management tools, etc.).
- Collaborating with other IT teams on log ingestion into the SIEM platform from all relevant log sources.
- Supporting Tier 3 with asset discovery and vulnerability assessment data, focusing on identifying and prioritizing vulnerabilities that pose significant risks to the organisation.
- Assisting Tier 3 with SOAR and Threat Intelligence implementation, as well as the development of incident automation rules and playbooks.
- Bachelor's degree in computer science or a related field, CompTIA Cybersecurity Analyst (CySA+), SANS GCIA, or equivalent experience.
- Minimum of 2-4 years of experience in cybersecurity operations, focusing on incident response and investigation.
- Advanced knowledge of standard security monitoring tools and protocols (WSG, ESG, CASB, DLP, IDPS, SIEM correlation rules and queries, vulnerability management tools, Threat Intelligence tools, etc.).
- Experience with log analysis, packet analysis, and forensic tools.
- Proficiency in scripting and automation tools (e.g., Python, PowerShell).
- Strong analytical and problem-solving skills.
- Ability to thrive in a fast-paced environment and manage multiple tasks simultaneously.