Tier 1 Security Analyst (SOC) – Junior

About the role

We are seeking a motivated Junior Security Analyst to join our Security Operations Centre in Woodmead, Sandton. The role focuses on monitoring, detecting, analysing and responding to cyber‑threats across on‑premise, endpoint and cloud environments.

Key responsibilities

• Monitor security event queues in Microsoft Sentinel and ensure timely identification of threats.
• Perform triage, investigation and validation of alerts, distinguishing false positives from real incidents.
• Own incidents from detection through containment, escalation and closure according to SLA.
• Conduct threat‑hunting and proactive analysis using Azure Log Analytics (KQL) and other SIEM tools.
• Correlate data from endpoints, identity, network and cloud platforms to uncover attack patterns and IOCs.
• Respond to incidents such as endpoint compromise, phishing, credential abuse, lateral movement and data exfiltration.
• Assist in improving security controls, playbooks and incident‑response procedures.
• Maintain and operate security technologies including EDR/XDR, firewalls, IDS/IPS, email security and identity protection solutions.
• Produce detailed incident reports with root‑cause analysis and remediation recommendations.
• Collaborate with senior analysts and engineering teams on forensic investigations and remediation.

Required profile

• 3–5 years of experience in IT infrastructure, systems administration or technical support.
• 1–2 years of hands‑on experience in a SOC or security‑operations environment.
• Proven experience with Microsoft Sentinel and the Microsoft 365 security stack (Defender, Entra ID, Purview).
• Strong knowledge of Azure security concepts, including identity, networking and cloud controls.
• Solid understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs).

Required skills

• Microsoft Sentinel
• Microsoft 365 Defender, Entra ID, Purview
• Azure Log Analytics and KQL
• SIEM tools and threat‑hunting techniques
• EDR/XDR solutions
• Firewalls, IDS/IPS
• Email security platforms
• Identity protection solutions
• Networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs)