Security Operations Center Engineer (SOC)

Location: Addis Ababa

Organization: Kifiya

Deadline: April 29, 2026

Job Description

Department: CISO

Reports To: Head, Cyber Security

About Kifiya

Kifiya is an AI-powered financial and market infrastructure company advancing inclusive economic growth across Africa. We design and deploy risk decisioning systems, intelligent financial infrastructure, and market linkage platforms that unlock credit, insurance, payments, and capital access for MSMEs and smallholder farmers. We build the AI, data, and financial infrastructure that helps financial institutions serve hard-to-finance segments at scale.

Business Unit Description

The CISO Unit safeguards Kifiya’s enterprise systems, AI-driven financial infrastructure, data assets, internal technology stack, and digital transformation programs.

The unit ensures enterprise-wide protection, operational continuity, regulatory compliance, secure architecture design, and automation governance aligned with global best practices and financial sector standards.

Position Summary

The SOC Engineer is responsible for continuous monitoring of Kifiya’s enterprise security environment, detection of cyber threats, investigation of security incidents, and escalation of potential compromises affecting enterprise systems.

The role ensures that security telemetry across infrastructure, cloud platforms, applications, and identity systems is actively monitored and analyzed. The SOC Engineer plays a critical role in identifying suspicious activity early, supporting incident response operations, and improving detection capabilities across the organization.

Key Responsibilities

Security Monitoring and Threat Detection

Continuously monitor enterprise security systems for indicators of compromise.
Analyze alerts generated by security monitoring platforms.
Investigate abnormal system activity across infrastructure, applications, and identity systems.
Correlate security events from multiple sources to identify potential threats.
Maintain continuous situational awareness of enterprise security posture.

Incident Investigation and Escalation

Investigate potential security incidents including malware, phishing attempts, credential compromise, and system intrusion.
Document incident findings and escalate high severity incidents to the Director of Cyber Security.
Support incident response activities by collecting and analyzing security event data.
Maintain detailed incident logs and investigation records.

Threat Hunting

Conduct proactive threat hunting activities across enterprise systems.
Analyze historical logs and telemetry to identify potential undetected threats.
Identify patterns that may indicate sophisticated cyber attacks.
Recommend improvements to detection rules and monitoring coverage.

Security Monitoring Platform Management

Operate and maintain enterprise security monitoring platforms.
Ensure log ingestion from infrastructure, applications, and identity systems.
Tune detection rules to reduce false positives and improve detection accuracy.
Maintain monitoring coverage across all mission critical systems.

Phishing and Malware Investigation

Investigate suspected phishing attacks targeting employees.
Analyze malicious attachments and suspicious communications.
Coordinate with IT and cybersecurity teams to contain malicious activity.
Educate users when phishing activity is detected.

Detection Improvement and Continuous Monitoring

Improve threat detection capabilities through rule tuning and behavioral analysis.
Identify monitoring gaps and recommend improvements.
Ensure continuous evolution of detection capabilities as threats evolve.

Key Outputs

Security Monitoring

• Continuous monitoring coverage across enterprise systems
• Accurate detection of suspicious activity across infrastructure, applications, and identity systems

Incident Detection

• Rapid identification and escalation of cyber incidents
• Comprehensive incident investigation documentation

Threat Intelligence

• Identification of emerging threats targeting enterprise infrastructure

Monitoring Improvement

• Improved detection accuracy through tuning of monitoring systems.

Qualifications and Experience

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related discipline.
• Minimum three to five years of experience in security operations or security monitoring roles.
• Experience working with security monitoring platforms and log analysis systems.
• Experience investigating security incidents and suspicious activity.
• Cybersecurity certifications such as Security+, CEH, or equivalent are desirable.

Core Competencies

• Security monitoring and incident detection
• Log analysis and event correlation
• Threat hunting techniques
• Incident investigation and documentation
• Security monitoring platform operation

Required Skills