This job has closed

Applications for Security Operations Center Engineer (SOC) closed on May 15, 2026.

Kifiya Financial Technologies

Security Operations Center Engineer (SOC)

Full-Time·Addis Ababa
Posted 1 month ago·No longer accepting applications

Job Description

About the Job

Location: Addis Abeba
Department: CISO
Reports To: Head, Cyber Security

About Kifiya

Kifiya is an AI-powered financial and market infrastructure company advancing inclusive economic growth across Africa. We design and deploy risk decisioning systems, intelligent financial infrastructure, and market linkage platforms that unlock credit, insurance, payments, and capital access for MSMEs and smallholder farmers. We build the AI, data, and financial infrastructure that helps financial institutions serve hard-to-finance segments at scale.

Business Unit Description

The CISO Unit safeguards Kifiya’s enterprise systems, AI-driven financial infrastructure, data assets, internal technology stack, and digital transformation programs. The unit ensures enterprise-wide protection, operational continuity, regulatory compliance, secure architecture design, and automation governance aligned with global best practices and financial sector standards.

Position Summary

The SOC Engineer is responsible for continuous monitoring of Kifiya’s enterprise security environment, detection of cyber threats, investigation of security incidents, and escalation of potential compromises affecting enterprise systems. The role ensures that security telemetry across infrastructure, cloud platforms, applications, and identity systems is actively monitored and analyzed. The SOC Engineer plays a critical role in identifying suspicious activity early, supporting incident response operations, and improving detection capabilities across the organization.

Key Responsibilities

Security Monitoring and Threat Detection
• Continuously monitor enterprise security systems for indicators of compromise.
• Analyze alerts generated by security monitoring platforms.
• Investigate abnormal system activity across infrastructure, applications, and identity systems.
• Correlate security events from multiple sources to identify potential threats.
• Maintain continuous situational awareness of enterprise security posture.

Incident Investigation and Escalation
• Investigate potential security incidents including malware, phishing attempts, credential compromise, and system intrusion.
• Document incident findings and escalate high severity incidents to the Director of Cyber Security.
• Support incident response activities by collecting and analyzing security event data.
• Maintain detailed incident logs and investigation records.

Threat Hunting
• Conduct proactive threat hunting activities across enterprise systems.
• Analyze historical logs and telemetry to identify potential undetected threats.
• Identify patterns that may indicate sophisticated cyber attacks.
• Recommend improvements to detection rules and monitoring coverage.

Security Monitoring Platform Management
• Operate and maintain enterprise security monitoring platforms.
• Ensure log ingestion from infrastructure, applications, and identity systems.
• Tune detection rules to reduce false positives and improve detection accuracy.
• Maintain monitoring coverage across all mission critical systems.

Phishing and Malware Investigation
• Investigate suspected phishing attacks targeting employees.
• Analyze malicious attachments and suspicious communications.
• Coordinate with IT and cybersecurity teams to contain malicious activity.
• Educate users when phishing activity is detected.

Detection Improvement and Continuous Monitoring
• Improve threat detection capabilities through rule tuning and behavioral analysis.
• Identify monitoring gaps and recommend improvements.
• Ensure continuous evolution of detection capabilities as threats evolve.

Key Outputs

Security Monitoring
• Continuous monitoring coverage across enterprise systems
• Accurate detection of suspicious activity across infrastructure, applications, and identity systems

Incident Detection
• Rapid identification and escalation of cyber incidents
• Comprehensive incident investigation documentation

Threat Intelligence
• Identification of emerging threats targeting enterprise infrastructure

Monitoring Improvement
• Improved detection accuracy through tuning of monitoring systems

About You

Qualifications and Experience
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related discipline.
• Minimum three to five years of experience in security operations or security monitoring roles.
• Experience working with security monitoring platforms and log analysis systems.
• Experience investigating security incidents and suspicious activity.
• Cybersecurity certifications such as Security+, CEH, or equivalent are desirable.

Core Competencies
• Security monitoring and incident detection
• Log analysis and event correlation
• Threat hunting techniques
• Incident investigation and documentation
• Security monitoring platform operation

Method of Application

Qualified Candidates Apply Through: [email protected]
