Senior CSOC Analyst

Cape Town, Western Cape, South AfricaCape TownWestern CapeSouth AfricaAfrica

As a Senior CSOC Analyst, you are an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers.

This is a hands-on role and requires broad technical knowledge, skills and abilities.

Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customer’s environments.


  • Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
  • Perform the prompt and effective triage and investigation of security events and incidents applying sound problem-solving methods to determine scope, urgency, and potential impact.
  • Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature and apparent security breaches.
  • Provide mentorship and technical escalation for our team of SOC Analysts
  • Perform vulnerability reviews and contextualisation
  • Deliver proactive threat hunting across the client base
  • Work with internal and external stakeholders to resolve computer security incidents and vulnerability compliance.
  • Drive customer satisfaction and continuously seek to improve operational performance
  • Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities


  • Excellent soft skills in the form of team working, problem solving and communication.
  • A keen self-starter who can evidence excellent customer service and can collaborate effectively.
  • Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
  • Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
  • Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
  • Strong knowledge of understanding of multiple operating systems.


If you click here you can read about some of the benefits this role attracts.

If work life balance is as important for you as it is for us, you'll like our remote-first hybrid working policy: four days per month in a C+C office or with your clients.

You'll get a chance to discuss with your manager about the days that work best for you and your team to meet in person

All recruitment and selection for Content+Cloud is guided by the principles of our Employment Equity Plan

Cyber Security Jobs by Category

Cyber Security Jobs by Location

Cyber Security Salaries