Lead Security Operations Center (SOC) Engineer
Placements24
About the role
Our client is seeking a highly experienced and technically proficient Lead Security Operations Center (SOC) Engineer to join their established security team in Bloemfontein, Free State. This critical, in-office role will lead the day-to-day operations of the SOC, focusing on threat detection, analysis, and response. You will be responsible for guiding the SOC team, enhancing monitoring capabilities, and ensuring the timely and effective resolution of security incidents to protect the organization's assets.
Responsibilities
- Lead, mentor, and manage the Security Operations Center (SOC) team, providing technical guidance and fostering professional development.
- Oversee the continuous monitoring of network and system security to detect, analyze, and respond to security threats and incidents.
- Develop, implement, and refine security monitoring tools and processes, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
- Establish and maintain Standard Operating Procedures (SOPs) for incident detection, classification, and response.
- Conduct in-depth analysis of security alerts and events, performing forensic investigations when necessary.
- Lead the response to security incidents, coordinating efforts with relevant internal teams and external stakeholders.
- Stay abreast of the latest cybersecurity threats, vulnerabilities, and attack methodologies, and proactively adapt SOC strategies.
- Develop and maintain metrics and reports on SOC performance, incident trends, and key risk indicators.
- Collaborate with vulnerability management and penetration testing teams to ensure comprehensive security coverage.
- Contribute to the development and enhancement of the organization's overall security architecture and strategy.
The ideal candidate will possess deep technical expertise in cybersecurity, network security, and threat analysis. Strong leadership qualities, excellent problem-solving abilities, and the capacity to make critical decisions under pressure are essential. This role requires a proactive and analytical individual dedicated to maintaining a robust security posture.
Qualifications
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Minimum of 7 years of experience in cybersecurity operations, with at least 3 years in a leadership or senior technical role within a SOC environment.
- Extensive experience with SIEM platforms (e.g., Splunk, QRadar), EDR solutions, and other security monitoring tools.
- In-depth understanding of network protocols, operating systems, and common attack vectors.
- Proven experience in incident response, forensic analysis, and threat hunting.
- Excellent leadership, team management, and communication skills.
- Relevant security certifications such as CISSP, GCIH, GCIA, or OSCP are highly advantageous.
- Ability to work effectively in a high-pressure, fast-paced environment.
This is a critical role offering a significant opportunity to lead security operations and contribute to the resilience of a major organization.