As the bank’s first line of digital defence, the SOC Analyst L1 is responsible for the continuous, real-time monitoring of our security landscape to protect sensitive financial data and critical infrastructure from emerging threats. You will perform the vital initial triage of security alerts, distinguishing between routine anomalies and high-risk incidents—such as phishing attempts or unauthorized access—ensuring rapid escalation to senior responders when necessary. Operating within a high-stakes, 24/7 banking environment, your role is essential in maintaining regulatory compliance, preventing operational disruption, and upholding the security standards that guarantee our customers’ trust.
Key Responsibilities
Real-Time Security Monitoring: Conduct continuous monitoring of the bank’s SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response) consoles to identify suspicious activity across the network.
Incident Triage & Classification: Perform the initial assessment of security alerts to determine their severity, validity, and potential impact on banking operations (e.g., distinguishing a false positive from a legitimate brute-force attack).
Phishing & Email Analysis: Investigate reported suspicious emails and potential “Business Email Compromise” (BEC) attempts targeting bank employees or customers.
Alert Escalation: Ensure timely and accurate escalation of verified high-priority threats to Level 2 Analysts according to the bank’s internal Service Level Agreements (SLAs).
Threat Intelligence Integration: Utilize internal and external threat intelligence feeds to identify known malicious IP addresses, domains, and file hashes relevant to the financial sector.
Documentation & Reporting: Maintain detailed logs of all alerts and actions taken within the ticketing system to ensure a clear audit trail for regulatory compliance (e.g., PCI-DSS).
Vulnerability Awareness: Assist in identifying systems that are missing critical security patches or are running unauthorized software that could expose the bank to risk.
Health Checks: Perform routine health checks on security tools and sensors to ensure the SOC has 100% visibility across all banking platforms.
Job Experience/Qualifications
Bachelor’s degree in Information Technology, Computer Science, Computer Information Systems, Cyber Security, Cyber Forensics or any equivalent field.
Familiarity with industry standards and regulations (e.g., ISO 27001, NIST).
Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools.
At least three years’ post-qualification experience.
Ability to read and interpret raw logs from various sources (Windows Event Logs, Firewall logs, Web Proxy logs).
Knowledge of common attack vectors such as Phishing, SQL Injection, Cross-Site Scripting (XSS), and Ransomware.
Familiarity with the phases of the Incident Response Life Cycle (Preparation, Detection, Analysis, Containment, Eradication, and Recovery).
Skills & Competencies
Strong analytical and problem-solving skills to accurately distinguish between benign network anomalies and genuine security threats.
Excellent written and verbal communication skills required to clearly document security incidents and present technical findings.
High level of integrity and professional ethics when handling sensitive data and confidential customer information.
Proven ability to remain calm and follow established security protocols during high-pressure emergency situations.
Commitment to continuous learning by staying updated on the latest cybersecurity trends and emerging threats.
Strong collaboration skills necessary to work effectively with cross-functional teams.
Precision and meticulous attention to detail to ensure no critical security alerts are overlooked.
Flexibility and resilience to work in a 24/7 rotating shift environment, including nights, weekends, and public holidays.
How to Apply
Submit your CV, together with a Cover Letter (maximum 1 page), to jobs@primebank.co.ke by close of business on Tuesday 12th May 2026.