Cyber Security Engineer

Market Related
Area: South Africa, Gauteng
Sector: Banking
Posted: 5 November 2025

Job Details

Purpose of the Role

We are seeking an experienced Security Analyst to join our cybersecurity team, adopting an AI and automation-first approach. The successful candidate will be responsible for monitoring, analyzing, and responding to security incidents across our cloud and endpoint infrastructure. This role requires strong analytical skills, cloud security expertise, and the ability to operate effectively in a fast-paced environment to protect our organization’s digital assets.

Experience and Skills Required

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field

  • 3–6 years of experience in cybersecurity operations or SOC environments

  • Hands-on experience with cloud security platforms (AWS and Azure)

  • Proven experience in endpoint security and log analysis

  • Active engagement with industry trends to build future capabilities

  • Proficiency in AI and data analytics

Technical Skills

  • Proficient in AWS security services (CloudTrail, GuardDuty, Config, Security Hub)

  • Experience with Azure security tools (Security Center, Sentinel, Defender)

  • Knowledge of Endpoint Detection and Response (EDR/XDR) solutions

  • Familiarity with SIEM platforms and log analysis tools

  • Understanding of network protocols, firewalls, and intrusion detection systems

  • Experience with scripting languages (Python, PowerShell, Bash)

  • Knowledge of threat hunting methodologies and techniques

Certifications (preferred, or qualified by equivalent experience)

  • Security+ or equivalent baseline security certification

  • Cloud security certifications (AWS Security Specialty, Azure Security Engineer)

  • SOC analyst certifications (GCIH, GCFA, GNFA)

  • Additional certifications such as CySA+, CISSP, or SANS training

Required Skills & Competencies

Analytical & Technical

  • Strong analytical and problem-solving abilities

  • Excellent attention to detail and ability to work under pressure

  • Proficiency in threat intelligence analysis and application

  • Understanding of attack frameworks (MITRE ATT&CK, Cyber Kill Chain)

  • Knowledge of compliance frameworks (SOC 2, ISO 27001, NIST)

  • Experience working with AI platforms and prompt-based automation

Communication & Collaboration

  • Excellent written and verbal communication skills

  • Ability to explain technical concepts to non-technical stakeholders

  • Strong documentation skills for incident reports and procedures

  • Collaborative mindset and ability to work across functions

Personal Attributes

  • Self-motivated and able to work independently

  • Adaptable to evolving security threats and technologies

  • Commitment to continuous learning and development

  • Willingness to work rotating shifts (nights, weekends, and holidays)

Reporting Structure

This position reports to the Head of Security and works closely with the broader IT and cybersecurity teams.

Key Responsibilities

1. Security Monitoring & Analysis

  • Monitor and analyze security alerts from AWS (CloudTrail, GuardDuty, Security Hub)

  • Review and investigate Azure Security alerts

  • Analyze endpoint device logs from EDR/XDR solutions to identify potential threats

  • Investigate Data Loss Prevention (DLP) alerts to prevent data exfiltration

  • Assess cloud security misconfigurations and recommend remediations

2. Incident Response & Investigation

  • Perform initial triage and investigation of security incidents

  • Document findings and maintain detailed incident records

  • Escalate critical security events per established protocols

  • Conduct forensic analysis on compromised endpoints and systems

  • Collaborate with IT teams to implement security remediation measures

3. Access & Permission Management

  • Monitor and investigate suspicious access patterns and permission changes

  • Review privileged account activity to identify potential insider threats

  • Analyze authentication logs and access control violations

  • Support identity and access management (IAM) security reviews

4. Threat Detection & Response

  • Detect, analyze, and respond to attacks targeting organizational endpoints

  • Utilize threat intelligence to enhance detection and prevention capabilities

  • Perform malware analysis and reverse engineering as needed

  • Develop, refine, and tune security detection rules and response playbooks