L1 SOC Analyst (Ref: DOSOCL1)

Position in the Information Technology sector in South Africa - Anywhere in South Africa
Posted On Friday 3 March 2023
Job Description:

Please email application through to


Main job function


Our client, a managed IT Support & Services company based in the UK, is currently seeking the skills of an L1 SOC Analyst.


The main role of the L1 SOC Analyst is to provide level 1 support to the SOC, assist with security-related services and perform day to day SOC threat hunting and investigation activities.


The L1 analyst is responsible for attending to security-related cases. This will include triage and investigation of alerts from the SIEM and other platforms. You will be required to work collaboratively to monitor/investigate security alerts and events, follow procedures for investigation/escalation, and interact with their clients as needed.

·        Ongoing threat hunting for clients and internally for Company.

·        Escalating cases to senior analysts for investigation.

·        Automating tasks, alert and report creation on SOC activities.

·        Continuous monitoring of and action on internal and client security systems.

·        Detecting and responding to security events and protecting information assets.

·        Assisting in delivering security services and products to clients.

·        Communication with customers as required: keeping them informed of incident progress, notifying them of impending changes or agreed outages, etc.

·        Product investigation and testing for the SOC.

·        Participate in internal meetings and events, such as team meetings and team to collaborate with your fellow team members to develop your skillset.

·        Perform regular training to remain aware of the latest technologies, methodologies, etc.



·        Desirable Qualifications

·        Cybersecurity related certifications.

·        Microsoft SC-200

·        Microsoft AZ-900

·        Microsoft AZ-500

·        CompTIA N+

·        CompTIA S+



·        Experience in the following is required

o   SOC operations and tools (SIEM, EDR, etc.)

o   MSP/MSSP experience

o   Microsoft security stack (Intune, Azure, ATP, Defender)

o   1+ years in a SOC environment

·        Experience in the following is desirable

o   Microsoft Azure Sentinel

o   Scripting (PowerShell, Python, regex)

o   Other security tools a bonus

o   Control frameworks (ISO, PCI DSS, CIS, and/or NIST)

o   Working with remote team

o   2+ years in a cybersecurity environment

o   End Point Protection, Cloud Security, Security Incident and Event Management, Managed Anti-Virus Services.

o   Threat and security research and investigation

o   Develop security controls and put measures in place to mitigate threats and vulnerabilities and to prevent attacks on client environments

·        Soft Skills

o   Ability to communicate with all levels of a client’s employees.

o   Ability to present to C-level executives in a clear, concise and definitive way.

o   Comfortable interacting with a remote team.

o   Passion for all things CyberSec related.

o   Desire to protect clients and deliver value.

o   Organised and detail orientated.



A Consultant will be in touch if you are shortlisted for the position. Please consider your application unsuccessful should you not have been contacted within 2 weeks. We will keep your CV on our database and contact you should you match the criteria of any other vacancies.



Please contact Debra Olivier