Job Classification
Job req - 142582
Closing date - 24 October 2025
Job Family
Information Technology
Leadership Pipeline
Manage Self: Technical
Job Purpose
We are seeking a highly skilled and experienced Senior SIEM Engineer to lead and enhance our Security Information and Event Management (SIEM) capabilities. The ideal candidate will have deep expertise in Elastic and/or Splunk, strong Linux and scripting skills, and a solid understanding of Windows systems, firewalls, IPS and EDR technologies. Experience in the financial sector, particularly banking, is highly desirable.
Job Responsibilities
- Design, implement and maintain SIEM solutions (Elastic/Splunk) across enterprise environments.
- Develop and optimize detection rules, dashboards and alerts for threat monitoring.
- Integrate diverse log sources, including Windows, Linux, firewalls, IPS and EDRs.
- Automate tasks using scripting languages (Bash, Python).
- Collaborate with incident response and threat intelligence teams to improve detection and response capabilities.
- Conduct regular health checks, performance tuning and upgrades of SIEM infrastructure.
- Support compliance and audit requirements through log retention and reporting.
- Mentor junior engineers and contribute to capability development within the department.
- Write and maintain technical documentation for SIEM configurations, processes and playbooks.
- Apply an automation-first mindset to streamline operations and reduce manual effort.
- Demonstrate strong attention to detail in rule creation, log analysis and incident handling.
Essential Qualifications - NQF Level
- Diploma
- Advanced Diplomas/National 1st Degrees
Preferred Qualification
- Certifications such as GCIA, GCIH, Splunk Certified Architect, Elastic Certified Engineer or similar.
- Exposure to regulatory frameworks (e.g. SARB, POPIA, PCI-DSS).
Preferred Certifications
Relevant Information Security Certification
Required Skills & Experience
- 5 years in cybersecurity operations or engineering roles.
- Proven experience with Sentinel, Elastic Stack (ELK) and/or Splunk Enterprise Security.
- Proficient in Linux administration and scripting (Bash, Python).
- Familiarity with Windows event logging, firewalls, IPS/IDS and EDR platforms.
- Familiarity with different Cloud platforms.
- Experience in log ingestion, parsing and normalization.
- Understanding of MITRE ATT&CK, threat detection frameworks and incident response workflows is highly advantageous.
- Excellent problem-solving and communication skills.
- Experience with alert lifecycle management, data indexing and case management is highly advantageous.
Technical / Professional Knowledge
- Administrative procedures and systems
- Data analysis
- Governance, Risk and Controls
- Principles of project management
- Relevant regulatory knowledge
- Relevant software and systems knowledge
- Cluster Specific Operational Knowledge
- System Development Life Cycle (SDLC)
- TCP/IP
- Information Security terms and definitions
- Relevant Operating System
- Information Security policies and procedures
- Vendor Management Principles
Behavioural Competencies
- Applied Learning
- Communication
- Collaborating
- Customer Focus
- Initiating Action
- Managing Work
- Technical/Professional Knowledge and Skills
Please contact the Nedbank Recruiting Team at
Required Experience:
Senior IC