Cyber MXDR Consultant
Join our global team of extraordinary technologists!
BUI is an industry-leading technology consultancy and a Microsoft Azure Expert MSP, Microsoft Solutions Partner for the Microsoft Cloud, and Microsoft Security Experts MXDR Partner. We deliver advanced solutions across Cloud, Security, Networking, and Managed Services, supporting mid-market and enterprise organizations globally.
Our work is guided by three principles: Innovation, Delivery, and Results. At BUI, you’ll collaborate with highly skilled architects, consultants, developers, engineers, and security specialists to design and deliver sophisticated solutions that help our customers modernize, transform, and scale their businesses.
We offer an environment where expertise is valued, performance is recognised, and contributions are visible. If you’re looking to apply your skills in a business that combines technical excellence with meaningful impact, we invite you to apply.
The position
Cyber MXDR Consultant
Ideal Candidate Profile
The ideal candidate must be driven by curiosity and possess strong self-motivation and self-management skills, especially in remote working situations. You need to be a self-starter with critical and strategic thinking abilities, as well as strong troubleshooting and root cause analysis skills. Attention to detail, organizational, and analytical skills are essential.
Fluency in English, both written and verbal, along with good communication and presentation skills, is required. The candidate must have good work habits, a strong work ethic, and the ability to adhere to company policies and standard business etiquette.
Role Purpose
The Cyber MXDR Consultant plays a vital role in advancing threat detection, incident response, and security posture maturity for clients. This client-facing role demands technical expertise, investigative skills, and clear communication with both technical and business audiences.
The Cyber MXDR Consultant acts as the technical escalation point for Cyber MXDR Analysts and is responsible for the consistent delivery of services, while also offering guidance and mentorship to team members. Participation in the on-call rotation for after-hours escalations is required.
Responsibilities
Security Event Monitoring and Incident Response:
Monitor, triage, and investigate security events from multiple channels including SIEMs, endpoint platforms, tickets, and communication systems.
Investigate security incidents promptly, ensuring effective containment, resolution, and adherence to MTTT and MTTR SLAs.
Lead and support threat investigations using advanced knowledge of attack techniques, networking, and security tools.
Collaborate with Cyber MXDR Senior Consultants and cross-functional teams during escalations.
Maintain accurate investigation records, documenting investigation steps, outcomes, and lessons learned.
Provide contextual guidance to analysts during escalations and oversee the full lifecycle of incident management.
Platform Configuration and Optimization:
Develop, modify, and maintain detection use cases, correlation rules, and response playbooks tailored to client environments.
Recommend improvements to SOC/MXDR processes, procedures, and policies.
Provide input on tuning detection rules and alert logic to reduce false positives.
Identify ineffective alerts and suggest enhancements.
Contribute to configuration, tuning, and continuous optimization of SIEM, EDR/XDR, and related platforms to maximize threat visibility and detection precision.
Research, develop, and communicate solutions to detected security incidents promptly.
Design and implement high-fidelity detection rules, dashboards, and automation playbooks aligned to the MITRE ATT&CK framework and client-specific risks.
Proactive Threat Hunting and Documentation:
Perform proactive threat hunting and research to detect evasive or hidden attacker behaviours.
Maintain thorough incident records and SOPs, and contribute to internal documentation and client materials.
Prepare high-quality technical and executive-ready reports that translate security risks into actionable advice.
Security Assessments and Recommendations:
Perform comprehensive assessments of client environments to identify security control gaps, misconfigurations, and exposure to evolving threats.
Benchmark client environments against recognized industry frameworks such as MITRE ATT&CK, NIST, and CIS to drive measurable security improvements.
Deliver tailored security recommendations and lead posture review sessions and workshops with stakeholders.
Client Interaction and Team Collaboration:
Respond to service requests and lead client meetings, incident briefings, and reviews.
Coordinate escalations across multiple teams, ensuring smooth collaboration and knowledge transfer.
Conduct quality reviews of incident handling and contribute to continual improvement efforts.
Support client onboarding activities, including but not limited to baseline reviews and deployment of automated playbooks and response workflows.
Mentor Cyber MXDR analysts, promoting best practices within the team.
Qualifications, Skills & Competencies
A bachelor’s degree / diploma in a relevant area with a preference for Information Security, Computer Science or Computer Engineering.
Amazon Web Services:
CLF-C02 AWS Certified Cloud Practitioner
CompTIA:
Network+
Security+
CySA+ – Cybersecurity Analyst
Microsoft:
AZ-900 – Microsoft Certified: Azure Fundamentals
MS-900 – Microsoft 365 Certified: Fundamentals
SC-900 – Microsoft Certified: Security, Compliance, and Identity Fundamentals
SC-200 – Microsoft Certified: Security Operations Analyst Associate
MD-102 – Microsoft 365 Certified: Endpoint Administrator Associate
AZ-500 – Microsoft Certified: Azure Security Engineer Associate
Linux Professional Institute (LPI):
010-160 – Linux Essentials
020-100 – Security Essentials
Python Institute:
PCEP– Certified Entry-Level Python Programmer
Qualys:
Vulnerability Management
Global IT Asset Inventory and Management
Advanced Scanning
Preferred Experience
Infrastructure and System Administration:
3-5 years of experience in infrastructure support and system administration, including deployment, troubleshooting, and performance tuning in hybrid environments (on-premises and cloud).
Expert knowledge of operating systems, particularly Windows Server and Workstation, as well as Linux/Unix variants.
Extensive experience with endpoint deployment and configuration management tools is required; Microsoft Intune is required and Microsoft SCCM (Configuration Manager) is beneficial.
Proficiency in Amazon Web Services (AWS) beneficial.
Security Operations and Incident Management:
Advanced experience with SIEM platforms (Microsoft Sentinel required).
Advanced experience with Microsoft Defender XDR solutions.
3-5 years of previous Security Operations Centre experience as an MXDR Analyst.
Advanced expertise in security incident management, malware handling, vulnerability management, and use of MITRE ATT&CK-aligned detection methodologies.
Advanced experience with antivirus solutions, virus outbreak management, and differentiating attack patterns.
Solid understanding of vulnerability scoring systems (CVSS/CMSS) and of tracking mitigation effectiveness.
Cloud and Microsoft Azure:
Experience with Microsoft Azure, especially its security and monitoring capabilities, such as Microsoft Defender for Cloud (formerly Azure Security Center), Microsoft Sentinel, and Microsoft Entra ID (formerly Azure AD).
Networking:
Advanced knowledge of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
Solid understanding of firewalls and other security stack devices.
Experience with web content filtering technology, including policy engineering and troubleshooting.
Scripting, Automation & Tooling:
Proficient in Python and Bash scripting.
Advanced KQL (Kusto Query Language) skills.
Communication and Collaboration:
Excellent written and verbal communication skills in English.
Able to present findings clearly and contribute to reporting and documentation.
Works effectively with team members, senior consultants, and clients.
Department: Cyber Security Operations Center (CyberSoc)
Location: Bryanston
Remote status: Hybrid
Let’s work together
Bring your talents, skills, and unique perspectives to a collaborative community of technology professionals. You’ll get the tools you need to do great work in a flexible environment. You’ll have time to learn new things. And you’ll be recognised and rewarded for your achievements.
About BUI
BUI is a global technology consultancy and managed services provider specialising in cloud, security, and networking solutions for mid-market and enterprise organisations.
Deeply rooted in the Microsoft ecosystem, we’re proud to be a Microsoft Azure Expert MSP and Microsoft Solutions Partner for the Microsoft Cloud, with proven expertise across Business Applications, Data & AI, Digital & App Innovation, Infrastructure, Modern Work, and Security.
With offices in East Africa, South Africa, the United Kingdom, the Republic of Ireland, and the United States, we help businesses become more productive, secure, and resilient every day.
At BUI, we believe in innovation, collaboration, and continuous learning. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Explore our open positions and discover where your next career move could take you.