We are recruiting for a SOC Analyst to join our growing team in our Cape Town office which is based near Observatory.

This is a 12-month fixed-term contract.

Who Are We? 

TLT Resourcing Ltd is a subsidiary of TLT LLP (‘TLT’), an award-winning UK-based law firm with a reputation for its innovative approach to delivering legal services.  

 

Who We’re Looking For 

We’re looking for a thoughtful professional who brings both depth and perspective. You’re someone who can see the big picture while staying grounded in the details. You’ve built your expertise over time, and now you’re ready to collaborate in a way that lifts others up.

You’re not just skilled - you’re curious, adaptable, and committed to making legal work more accessible and impactful. You know how to navigate complexity, communicate clearly, and build trust across teams and clients. 

If you’re passionate about using your insight to drive meaningful outcomes - and you care deeply about people along the way - we’d love to meet you. 

 

What You’ll Be Doing  

The SOC Analyst will take ownership of advanced threat detection, investigation, and response activities, leveraging scripting and automation to enhance SOC capabilities and streamline operations.

The day-to-day responsibilities include:

  • Monitor and triage security alerts using SIEM platforms, applying advanced correlation rules and custom KQL queries to identify suspicious activity.
  • Investigate and respond to security incidents, performing root cause analysis, impact assessment, and containment actions across endpoints, networks, and cloud environments.
  • Develop and maintain detection rules and use cases, leveraging threat intelligence and MITRE ATT&CK mappings to improve detection fidelity.
  • Automate repetitive tasks and enhance detection/response workflows using scripting languages such as Python, PowerShell, Logic app, workflow and KQL.
  • Create and maintain incident response playbooks, ensuring alignment with evolving threat landscapes and operational requirements.
  • Perform threat hunting activities, proactively searching for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) across the environment.
  • Contribute to continuous improvement of SOC processes, including documentation updates, tuning of alert thresholds, and enrichment of log sources.
  • Collaborate with infrastructure, cloud, and application teams to support remediation efforts and improve overall security posture.
  • Participate in a 24/7 on-call rotation to provide out-of-hours support.

 

What You Bring 

As a SOC Analyst, you’ll bring a proactive, analytical approach and a strong foundation in cyber operations. You’ll be able to demonstrate a similar supportive, flexible, and driven ethos, along with experience in: 

  • Operating, tuning, and configuring SIEM platforms (Sentinel, Defender for Endpoint, Defender for Cloud).
  • Writing and optimising detection queries using KQL.
  • Investigating and responding to security incidents across endpoints, networks, and cloud environments.
  • Reviewing and analysing firewall logs and configurations.
  • Scripting in Python and PowerShell to automate detection and response workflows.
  • Managing and enhancing email and web filtering policies.
  • Implementing and reviewing Data Loss Prevention (DLP) controls.
  • Conducting threat hunting and leveraging threat intelligence to improve detection capabilities.

Certified in one or more of:

  • CompTIA CySA+ (Cybersecurity Analyst)
  • EC-Council Certified SOC Analyst (CSA)
  • GIAC Certified Incident Handler (GCIH)
  • Microsoft SC-200
  • Microsoft Certified: Cybersecurity Expert (SC-100)
  • SANS SEC511
  • SANS SEC504

 

What Makes This Role Special 

People-first culture: We believe that when people feel seen, supported, and valued, they do their best work. We foster a culture of respect, empathy, and belonging - where your voice matters and your wellbeing comes first.

Inclusive environment: We welcome people of all backgrounds, identities, and experiences. Diversity isn’t just a value - it’s a strength.  

Growth-focused: We support learning, development, and career progression. Whether you’re deepening your expertise or exploring new paths, we’ll back you.  

Purpose-driven: Your work will help clients navigate legal challenges with confidence and clarity, making a real difference in their lives and businesses. 

Summary
TLT-5595
Fixed Term
Business professionals
Cape Town
Competitive Salary Package
Closing Date
Sunday 10 May 2026