Cybersecurity Operations Analyst

 

 

Key Responsibilities:

1.     Security Event Monitoring & Incident Handling

o    Monitor real-time alerts via Microsoft 365 Defender, Microsoft Sentinel, Cybereason, and Zscaler.

o    Perform first- and second-level triage, document incidents, and support resolution.

o    Work with managed service providers (MSPs) or third-party security providers as needed.

 

2.     Microsoft Secure Score & Compliance

o    Track and improve Microsoft Secure Score across Office 365 and Azure tenants.

o    Implement security best practices and remediate configuration gaps.

o    Maintain compliance with South African regulations (e.g., POPIA) and ISO 27001 controls.

 

3.     Vulnerability Management

o    Use Rapid7, Qualys, or Microsoft TVM to scan and report vulnerabilities.

o    Collaborate with infrastructure and application teams to manage risk-based remediation.

 

4.     Endpoint & Cloud Security Operations

o    Support Defender for Endpoint, Defender for Cloud Apps, Zscaler, and Cybereason.

o    Investigate suspicious user and system activity across endpoint, identity, and cloud layers.

o    Monitor Azure and Microsoft 365 security baselines via Lacework or Defender for Cloud.

 

5.     Security SOPs & Playbooks

o    Maintain operational procedures and contribute to playbooks for incident response.

o    Support internal and external audit processes with evidence and technical documentation.

 

Qualifications Required (South African Market Alignment):

·         Essential:

o    National Diploma or Bachelor’s Degree in Information Technology, Cybersecurity, or related field

o    3–5 years' experience in a technical cybersecurity, security analyst, or SOC role

o    Proven experience using Microsoft 365 Defender portal (https://security.microsoft.com)

 

·         Advantageous:

o    Microsoft SC-200: Security Operations Analyst Associate

o    Microsoft AZ-500: Azure Security Engineer

o    CompTIA Security+ / CySA+ / CEH

o    ISO 27001 Implementer or Auditor

o    Understanding of POPIA, NIST CSF, MITRE ATT&CK

 

Core Skills & Competencies:

Technical Skills Behavioural Competencies Microsoft 365 Defender portal fluency Strong attention to detail Sentinel SIEM/SOAR alert triage Analytical and investigative thinking Secure Score remediation – M365 and Azure Problem-solving mindset Rapid7 / Qualys / Microsoft TVM vulnerability scans Proactive and self-driven Zscaler / Cybereason / Lacework administration Ability to work under pressure Basic scripting (PowerShell, KQL) Effective communication (verbal & written) Endpoint, identity, and cloud workload protection Collaborative and team-oriented