Role Responsibilities

Key responsibilities for this role may include:

Incident Detection & Response:
- Lead the triage, investigation, and classification of security events using SIEM and other tooling
- Take ownership of end-to-end handling of medium to high-severity incidents, coordinating containment and remediation efforts
- Maintain detailed incident records, including timelines, impact assessments, root cause analysis, and mitigation steps
- Act as an escalation point for Tier 1 analysts, guiding initial response actions and validating escalations
- Participate in on-call or out-of-hours technical support where appropriate

Threat Intelligence and Analysis:
- Perform in-depth analysis of suspicious activity, identifying indicators of compromise and attribution patterns
- Lead threat intelligence sharing within the organisation and with external partners
- Mentor Tier 1 staff in interpreting threat data and logs during investigations

Security Monitoring and Detection Engineering:
- Conduct continuous security monitoring of network traffic, endpoints, and critical systems
- Proactively tune and improve SIEM rules, alerts, and correlation logic to reduce false positives and increase detection fidelity
- Support onboarding of new data sources into the SIEM and help define parsing, enrichment, and correlation logic
- Lead investigations into recurring false positives or noisy alerts and propose sustainable resolutions
- Support deployment and configuration of security tooling

Compliance, Reporting and Documentation:
- Lead security audits and assessments, providing evidence of SOC activities and controls
- Maintain accurate records of all events handled, including triage notes and escalation details
- Lead the delivery of incident and vulnerability summaries to the management team and customers as part of Service Reviews or Security Working Groups
- Lead post-incident reviews and document lessons learned
- Ensure compliance with industry standards, regulations, and internal security policies
- Prepare and present regular reports and metrics on SOC operations and overall security posture

Vulnerability Management:
- Coordinate and support risk-based prioritisation of vulnerability remediation efforts
- Support vulnerability lifecycle management, including exception handling, patch validation, and reporting
- Provide vulnerability remediation guidance based on CVSS scores, threat context and business impacts

Collaboration and Knowledge Sharing:
- Act as a technical mentor to Tier 1 analysts, supporting their development and escalation handling
- Work closely with other IT teams (e.g., Network, Architecture, and Development teams) to identify and resolve security issues
- Share insights, threat intelligence, and incident learnings to improve the overall security posture of the organisation

Continuous Improvement:
- Identify gaps in detection, response, or processes and propose pragmatic, measurable improvements
- Lead small initiatives to improve SOC efficiency, such as automating repetitive tasks or improving alert triage
- Contribute to maturity efforts such as MITRE ATT&CK mapping, control gap analysis, or threat modelling

Experience (preferred):
- 1 to 3 years of hands-on experience in a SOC or similar security operations role, with demonstrable exposure to incident response, security monitoring, or threat analysis
- Experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools
- Candidates with strong practical experience through labs, home projects, certifications, or internships may also be considered if they can demonstrate applied knowledge at a Tier 2 level

Education:
- Bachelor's degree in Computer Science, Information Security, Cyber Security or a related field, or equivalent experience, desirable

Certifications (preferred):
- Any SIEM-specific certification or vendor-specific training
- Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP) or other relevant security certifications, Security+ (CompTIA), CEH (Certified Ethical Hacker), BTL1, BTL2 or others are highly desirable but not essential

Technical Skills:
- Proficient in using SIEM platforms such as LogRhythm, Elastic SIEM, Microsoft Sentinel or similar for monitoring and analysis
- Solid understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security
- Hands-on experience with log analysis and alert triage, vulnerability scanning and patching, and incident response
- Working knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK)
- Experience or strong interest in using scripting and automation for security operations

Soft Skills:
- Excellent written and verbal communication skills, with the ability to convey information to both technical and non-technical stakeholders
- Strong analytical mindset with keen attention to detail and sound judgement
- Able to follow standard operating procedures with discipline and accuracy
- Eager to learn, ask questions, and develop professionally
- Comfortable working in a fast-paced team environment and managing multiple priorities
- Proactive in seeking opportunities to learn and grow, with a curious, problem-solving mindset

SecureCloud is an equal opportunities employer and does not discriminate on the basis of age, sex, colour, religion, race, disability, or sexual orientation. Our hiring decisions are based on an individual's experience and qualifications for the job advertised.

How to apply

By clicking the APPLY button you will be directed to our recruitment pages. Please spend the next few minutes completing the final application steps and uploading your CV, so we can consider your interest in the role in full.