Business Unit: Sales & Solutions
Department: Cyber Security
Job Grade/Level: OP1
Core Description
The SOC Tier 1 Engineer is responsible for monitoring, detecting, and responding to security events and alerts in real time. This role serves as the first line of defence in the Security Operations Center (SOC), ensuring timely identification and escalation of potential threats to safeguard organisational systems and data.

Key Deliverables / Primary Functions
- Monitor real-time alerts from our SIEM, EDR, firewall, network and other security systems.
- Perform initial analysis and triage of security alerts: classify alerts, identify false positives, and escalate genuine incidents to Tier 2/3.
- Review logs from servers, network devices, endpoints and applications to detect suspicious or anomalous behaviour.
- Document all investigations thoroughly: steps taken, findings, escalations and resolution.
- Maintain awareness of threat intelligence and apply known Indicators of Compromise (IOCs) in monitoring.
- Participate in shift hand-overs and SOC run-books, and ensure continuity across 24/7 operations.
- Work with the SOC Team Lead to improve monitoring rules, alerting logic and SOC process efficiency.
- Conduct daily checks on monitoring tools; ensure sensors and logs are operational and alerts are being generated appropriately.
- Collaborate with IT/Network/Endpoint/Infrastructure teams for any required forensic hand-off or investigation support.

Core Functional Skills & Capabilities
- Cyber Incident Management
- Cybersecurity
- Attention to detail
- Communication
- Analytical Skills

Core Behavioural Competencies
- Applying Expertise & Technology
- Delivering Results & Meeting Customer Expectations
- Following Instructions & Procedures
- Job Match
- Presenting and Communicating Information
- Deciding & Initiating Action

Minimum Qualifications
- NQF 6: 3-year Degree / Diploma / National Diploma in IT, Computer Science or a related field
- NQF 4: Grade 12 National Diploma

Additional Education (Preferred / Advantage)

Experience
- 2-3 years' experience in a SOC or security monitoring environment, with basic networking knowledge (TCP/IP, DNS, HTTP/S, VPNs, firewalls), Windows and/or Linux operating systems, and common log sources.

Certifications
- CompTIA Security+ Certification
- Microsoft Certified Engineer

Professional Memberships in Relevant Industry

Level of Engagement & Span of Control

Special Requirements / Employment Condition
- Working Shifts

Workplace / Physical Requirements
- Non-Billable