Intermediate Cyber Security Analyst (L2/L3)

Cape Town, Western Cape, South Africa

Job Description


THE OPPORTUNITY THAT AWAITS YOU
Do you thrive in high-stakes security environments, where speed, precision, and ownership make all the difference?
We're hiring Senior and Mid-Level Cyber Security Analysts with proven expertise in Microsoft Sentinel, KQL, and modern detection/response workflows. In this role, you'll be part of a global security operations team safeguarding enterprise clients across complex industries such as oil & gas, supply chain, and manufacturing.
If you're passionate about threat detection, incident response, and deep-dive investigations, and you enjoy automating playbooks to stop real threats in their tracks, we want to hear from you.
WHAT YOU WILL BE WORKING ON

  • Security alerts, escalations, and investigations across cloud and hybrid client environments
  • Custom detections using KQL and Microsoft Sentinel
  • Threat hunting projects aligned to MITRE ATT&CK
  • SOAR playbooks and automation for faster, smarter response
  • Dashboards, reporting, and detection logic tuning
  • Engagement with client-side security and ops teams
  • Collaborating with peers across UK, RSA, and global regions
YOUR KEY RESPONSIBILITIES
  • Lead or support real-time incident triage, analysis, and containment
  • Investigate advanced threats across multi-tenant or enterprise SOC environments
  • Build and improve detection rules, alerts, and dashboards
  • Develop and maintain response playbooks, integrating SOAR workflows
  • Stay up to date with emerging threats, TTPs, and adversary techniques
  • Represent the SOC team in stakeholder meetings and client reviews
  • Mentor junior analysts and contribute to ongoing capability uplift
OUR REQUIRED EXPERTISE
Technical Expertise
  • 3-5+ years in a SOC, cyber security, or incident response function (MSSP experience a plus)
  • Proven experience with Microsoft Sentinel, EDR tools, Azure Security, and KQL
  • Familiar with SIEMs like Splunk, QRadar, LogRhythm, or Wazuh
  • Understanding of cloud platforms like AWS, Azure, or GCP
  • Strong grasp of MITRE ATT&CK, Cyber Kill Chain, and malware analysis fundamentals
  • Experience automating security workflows using Logic Apps, Power Automate, or similar
Problem-Solving & Ownership
  • Thrives on complex investigations and "why did this happen?" thinking
  • Strong documentation habits and a mindset of continuous improvement
  • Ability to work independently while driving collaborative outcomes
Collaboration & Communication
  • Confident communicator across technical and non-technical stakeholders
  • Able to explain risk, impact, and response to senior decision-makers
  • Comfortable managing multiple investigations across parallel client environments
Working Model: Remote-first (Cape Town based), aligned to UK business hours (RSA-based team)



Job Detail

  • Job Id
    JD1634437
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Cape Town, Western Cape, South Africa
  • Education
    Not mentioned