View all jobs
Security Operations Support Engineer (JB6054)
Bryanston, Johannesburg, Gauteng · Information TechnologySecurity Operations Support Engineer (JB6054)
Location: Bryanston, Johannesburg
Salary: Market Related
Employment Type: Permanent
Our client is a forward-thinking business with a genuine commitment to staying ahead of cyber threats. The security operations team is technically sharp, tightly run, and quietly proud of the infrastructure they protect. If you want a role where your contribution shows up directly in the metrics, this one is worth a look.
As the Security Operations Support Engineer, you’ll be the person keeping security tools and data pipelines running reliably, day in and day out. This isn’t a role where you’ll be waiting for tickets to land in a queue. You’ll be proactively monitoring alert pipelines, getting into the details of security tool integrations, and using your analytical mind to investigate issues before they become incidents.
If you enjoy a mix of independent work and cross-functional collaboration, you’ll thrive here. You’ll be working closely with SOC, IT, and cloud teams, contributing to incident response, and building out automation that takes the repetitive tasks off the team’s plate. There’s also real scope to grow: whether that’s deepening your threat detection capability, sharpening your scripting skills, or contributing to larger security integration projects, the environment supports it.
The role does include participation in on-call rotations and occasional after-hours work during incidents or maintenance windows, so you’ll need to be comfortable with that reality. In return, you get a technically strong team, meaningful work, and a hybrid setup that gives you some flexibility.
What's in it for you:
Exposure to a broad range of security platforms and cloud environments.
The chance to build automation that has a real operational impact.
A technically strong, collaborative team that takes their craft seriously.
Scope to grow into more complex incident response and detection engineering.
Minimum Requirements:
2 to 5 years of experience in cybersecurity, SOC, or IT operations.
Solid understanding of networking fundamentals: TCP/IP, DNS, VPNs, firewalls.
Working knowledge of Windows and Mac operating systems.
Experience with security monitoring, logging, and alerting concepts.
Ability to independently troubleshoot and resolve technical issues.
Working knowledge of incident response processes.
CompTIA Security+, Certified SOC Analyst (CSA), or GIAC GSEC/GCIH is advantageous.
Experience with Splunk, Microsoft Sentinel, or Elastic Security is advantageous.
Familiarity with cloud platforms (AWS, Azure, or GCP) is advantageous.
Key Responsibilities:
Monitor system performance and alert pipelines to ensure reliability.
Investigate and resolve issues related to security tools and integrations.
Perform in-depth analysis of security alerts and escalate when necessary.
Support and actively participate in incident response activities.
Develop basic automation and scripts to streamline repetitive operational tasks.
Collaborate with SOC, IT, and cloud teams to address security gaps.
Assist with vulnerability management and remediation tracking.
Maintain and improve technical documentation, runbooks, and processes.
Contribute to security tool onboarding and integration projects.
Security Operations Support Engineer, Johannesburg, SOC, cybersecurity, SIEM, Splunk, Microsoft Sentinel, Elastic Security, incident response, vulnerability management, TCP/IP, cloud security, AWS, Azure, GCP, CompTIA Security+, GIAC, alert monitoring
Please do not apply using Scanned CVs; no supporting documentation is required at this point. This will be requested later.
Kontak Recruitment Disclaimer:
Equal opportunity: All backgrounds are welcome, with no bias. All are considered based on requirements.
Job specifics: Requirements mirror advertisement, duties may adjust for client needs.
Fair process: Fair assessment, only shortlisted candidates contacted due to volume.
Privacy: Data processed as per Privacy Policy. By applying, you agree to data handling. We safeguard applicant info.
Candidate verification: Candidates selected by the client are verified. False info may disqualify or end employment with the client.
Offer clarity: The Advert is not a binding offer. Written offers based on pre-employment conditions.
No direct link: Advert is not tied to Kontak Recruitment. We assist in the employment process ONLY.
Applicant Responsibility: Upon applying, confirmation of receipt for a specific advert is given. If no confirmation is received, you must verify with Kontak Recruitment.
Location: Bryanston, Johannesburg
Salary: Market Related
Employment Type: Permanent
Our client is a forward-thinking business with a genuine commitment to staying ahead of cyber threats. The security operations team is technically sharp, tightly run, and quietly proud of the infrastructure they protect. If you want a role where your contribution shows up directly in the metrics, this one is worth a look.
As the Security Operations Support Engineer, you’ll be the person keeping security tools and data pipelines running reliably, day in and day out. This isn’t a role where you’ll be waiting for tickets to land in a queue. You’ll be proactively monitoring alert pipelines, getting into the details of security tool integrations, and using your analytical mind to investigate issues before they become incidents.
If you enjoy a mix of independent work and cross-functional collaboration, you’ll thrive here. You’ll be working closely with SOC, IT, and cloud teams, contributing to incident response, and building out automation that takes the repetitive tasks off the team’s plate. There’s also real scope to grow: whether that’s deepening your threat detection capability, sharpening your scripting skills, or contributing to larger security integration projects, the environment supports it.
The role does include participation in on-call rotations and occasional after-hours work during incidents or maintenance windows, so you’ll need to be comfortable with that reality. In return, you get a technically strong team, meaningful work, and a hybrid setup that gives you some flexibility.
What's in it for you:
Exposure to a broad range of security platforms and cloud environments.
The chance to build automation that has a real operational impact.
A technically strong, collaborative team that takes their craft seriously.
Scope to grow into more complex incident response and detection engineering.
Minimum Requirements:
2 to 5 years of experience in cybersecurity, SOC, or IT operations.
Solid understanding of networking fundamentals: TCP/IP, DNS, VPNs, firewalls.
Working knowledge of Windows and Mac operating systems.
Experience with security monitoring, logging, and alerting concepts.
Ability to independently troubleshoot and resolve technical issues.
Working knowledge of incident response processes.
CompTIA Security+, Certified SOC Analyst (CSA), or GIAC GSEC/GCIH is advantageous.
Experience with Splunk, Microsoft Sentinel, or Elastic Security is advantageous.
Familiarity with cloud platforms (AWS, Azure, or GCP) is advantageous.
Key Responsibilities:
Monitor system performance and alert pipelines to ensure reliability.
Investigate and resolve issues related to security tools and integrations.
Perform in-depth analysis of security alerts and escalate when necessary.
Support and actively participate in incident response activities.
Develop basic automation and scripts to streamline repetitive operational tasks.
Collaborate with SOC, IT, and cloud teams to address security gaps.
Assist with vulnerability management and remediation tracking.
Maintain and improve technical documentation, runbooks, and processes.
Contribute to security tool onboarding and integration projects.
Security Operations Support Engineer, Johannesburg, SOC, cybersecurity, SIEM, Splunk, Microsoft Sentinel, Elastic Security, incident response, vulnerability management, TCP/IP, cloud security, AWS, Azure, GCP, CompTIA Security+, GIAC, alert monitoring
Please do not apply using Scanned CVs; no supporting documentation is required at this point. This will be requested later.
Kontak Recruitment Disclaimer:
Equal opportunity: All backgrounds are welcome, with no bias. All are considered based on requirements.
Job specifics: Requirements mirror advertisement, duties may adjust for client needs.
Fair process: Fair assessment, only shortlisted candidates contacted due to volume.
Privacy: Data processed as per Privacy Policy. By applying, you agree to data handling. We safeguard applicant info.
Candidate verification: Candidates selected by the client are verified. False info may disqualify or end employment with the client.
Offer clarity: The Advert is not a binding offer. Written offers based on pre-employment conditions.
No direct link: Advert is not tied to Kontak Recruitment. We assist in the employment process ONLY.
Applicant Responsibility: Upon applying, confirmation of receipt for a specific advert is given. If no confirmation is received, you must verify with Kontak Recruitment.