Job Description

THE OPPORTUNITY THAT AWAITS YOU
Do you thrive in high-stakes security environments-where speed, precision, and ownership make all the difference?
We're hiring Senior and Mid-Level SOC Analysts with proven expertise in Microsoft Sentinel, KQL, and modern detection/response workflows. In this role, you'll be part of a global security operations team safeguarding enterprise clients across complex industries such as oil & gas, supply chain, and manufacturing.
If you're passionate about threat detection, incident response, and deep-dive investigations, and you enjoy automating playbooks to stop real threats in their tracks, we want to hear from you.
WHAT YOU WILL BE WORKING ON?
Security alerts, escalations, and investigations across cloud and hybrid client environments
Custom detections using KQL and Microsoft Sentinel
Threat hunting projects aligned to MITRE ATT&CK
SOAR playbooks and automation for faster, smarter response
Dashboards, reporting, and detection logic tuning
Engagement with client-side security and ops teams
Collaborating with peers across UK, RSA, and global regions
YOUR KEY RESPONSIBILITIES
Lead or support real-time incident triage, analysis, and containment
Investigate advanced threats across multi-tenant or enterprise SOC environments
Build and improve detection rules, alerts, and dashboards
Develop and maintain response playbooks, integrating SOAR workflows
Stay up to date with emerging threats, TTPs, and adversary techniques
Represent the SOC team in stakeholder meetings and client reviews
Mentor junior analysts and contribute to ongoing capability uplift
OUR REQUIRED EXPERTISE
Technical Expertise
3-5+ years in a SOC or incident response function (MSSP experience a plus)
Proven experience with Microsoft Sentinel, EDR tools, Azure Security, and KQL
Familiar with SIEMs like Splunk, QRadar, LogRhythm, or Wazuh
Understanding of cloud platforms like AWS, Azure, or GCP
Strong grasp of MITRE ATT&CK, Cyber Kill Chain, and malware analysis fundamentals
Experience automating security workflows using Logic Apps, Power Automate, or similar
Problem-Solving & Ownership
Thrives on complex investigations and "why did this happen?" thinking
Strong documentation habits and a mindset of continuous improvement
Ability to work independently while driving collaborative outcomes
Collaboration & Communication
Confident communicator across technical and non-technical stakeholders
Able to explain risk, impact, and response to senior decision-makers
Comfortable managing multiple investigations across parallel client environments
Working Model: Remote-first (Cape Town based), aligned to UK business hours (RSA-based team)
For more roles, please have a look at our website ( ). or follow us on LinkedIn (

Skills Required