Security Operations Center (SOC) Analyst

Role Title: Security Operations Center (SOC) Analyst
Team / Circle: Information Security
Reporting To: Head of Information Security

About Fincra
Fincra is a cross border payment infrastructure for banks, fintechs, platforms, and businesses. Fincra provides payment solutions that enable businesses to accept payments securely and make payouts.

Vision: To bring hope and liberation to every African
Mission: Building the rails for an integrated Africa

Role Purpose

This role is responsible for continuous monitoring, detection, investigation, and response to security threats across the organization’s infrastructure and applications. The SOC Analyst ensures early detection of malicious activity, minimizes the impact of security incidents, and supports the company’s objective of maintaining secure, reliable, and compliant financial systems. The role directly contributes to protecting customer data, preventing fraud, safeguarding financial transactions, and ensuring operational resilience of the organization’s digital platforms.

What you will be doing everyday

• Security Monitoring: Continuously monitor security alerts and logs from SIEM, EDR, WAF, cloud infrastructure, and network security tools.
• Incident Detection & Triage: Investigate and triage alerts to determine severity, impact, and validity.
• Incident Response: Participate in containment, eradication, and recovery activities during security incidents.
• Threat Analysis: Analyze suspicious activity, malware, and abnormal system behavior to determine potential threats.
• Log Analysis: Review logs from applications, network devices, cloud platforms, and operating systems for anomalies.
• Security Tool Management: Operate and maintain SOC tools such as SIEM, EDR, IDS/IPS, and vulnerability management platforms.
• Incident Documentation: Document incidents, investigation steps, and resolution outcomes.
• Escalation & Coordination: Escalate critical incidents to senior security staff and coordinate with engineering teams for remediation.
• Threat Intelligence Integration: Monitor threat intelligence feeds and incorporate relevant indicators into detection systems.
• Security Improvements: Provide recommendations to improve detection rules, security controls, and incident response processes

Required Competencies (Technical Skills)

The candidate should demonstrate proficiency in:

• Security Information and Event Management (SIEM) platforms (e.g., Sumo Logic, Sentinel, DataDog, )
• Endpoint Detection and Response (EDR) tools
• Log analysis and threat investigation
• Network security fundamentals (TCP/IP, DNS, HTTP, VPN)
• Cloud security monitoring (AWS,)
• Understanding of common attack techniques (MITRE ATT&CK framework)
• Incident response procedures
• Basic scripting or automation (Python, Bash, or PowerShell)
• Familiarity with vulnerability management tools
• Security monitoring across fintech infrastructure and APIs
• 4 - 5 years experience with Security monitoring across fintech or bank’s infrastructure and APIs

Relevant certifications (preferred but not mandatory):

• Security+
• CEH
• GIAC
• Blue Team certifications
• Cloud security certifications

Behavioural Competencies

The candidate should demonstrate:

• Strong analytical and investigative thinking
• Ability to work under pressure during security incidents
• Attention to detail when analyzing logs and alerts
• Strong communication skills for reporting incidents clearly
• Collaboration with engineering, infrastructure, and security teams
• Curiosity and continuous learning mindset in cybersecurity
• Ability to prioritize alerts based on risk and impact

Role Alignment with Company Goals

This role supports the company’s strategic objectives by:

• Protecting financial infrastructure and our payment platforms from cyber threats
• Reducing fraud and security incidents that may impact customers or financial operations
• Supporting regulatory and compliance requirements related to cybersecurity
• Strengthening operational resilience through proactive threat detection and response

By ensuring continuous monitoring and rapid incident response, this role helps maintain customer trust and operational reliability of the company’s financial systems.

Team Dynamics

The SOC Analyst will work closely with: Infrastructure Engineering, DevOps Teams, Fraud Monitoring Teams, Security Leadership. 

This role requires high collaboration and quick escalation during incidents.

Anticipated Challenges

• Managing high volumes of security alerts
• Distinguishing false positives from real threats
• Responding quickly to incidents affecting financial transactions
• Ensuring continuous monitoring across complex cloud infrastructure

Cultural competencies (Company culture that we don’t negotiate with)

● Humility: Embracing a growth mindset, listening actively, and valuing every team member’s contribution, regardless of role or level.

● Honesty: Ensuring transparency in all interactions, communications, and decisions.

● Excellence: Striving for the highest standards in execution, innovation, and service delivery to create meaningful impact.

● Love: Building a culture of empathy, care, and connection that fosters belonging and mutual respect.