- Identification, quantification and tracking of cyber security incidents across the organisation.
- Triage and management of information security events, including, where necessary, participation in security incident management.
- Regularly engage with other security technologists, demonstrating deep knowledge and understanding of a range of security concepts.
- Build client relationships and establish credibility by demonstrating knowledge of the various aspects of cyber security platforms.
- Security administration and auditing of privileged systems access.
- Development and maintenance of security processes and procedures.
- Assist in maintaining and tracking all information security related documentation to ensure it remains relevant, appropriate and up to date.
- Respond to inbound Change Requests (CRs), Service Requests (SRs) and queries relating to incident management.
- Ability to work under pressure to tight deadlines, prioritise projects and tasks, and maintain focus in a dynamic environment.
- Bachelor's degree in a related discipline, or equivalent combined education and experience.
- Minimum of 3 years' relevant working experience in a cyber security operations environment, including managing incident response.
- Strong knowledge of networking (TCP/IP, switching and routing) and of cyber security concepts.
- Well versed in network packet analysis using tools such as Wireshark, with experience across operating systems such as Windows, Linux and Unix.
- Experience with security systems including firewalls, intrusion detection systems, anti-virus software, endpoint security and vulnerability management software.
- Strong knowledge of frameworks such as the Cyber Kill Chain and adversary Tactics, Techniques and Procedures (TTPs).
- Hands-on experience with Splunk or another major SIEM platform.
- Hands-on experience in fine-tuning existing detection use cases and developing new ones to improve cyber threat detection capabilities.
- Hands-on experience with vulnerability management processes and tools.
- Experience in malware triage and analysis.
- Knowledge of security standards, risk methodologies and relevant legal, financial and regulatory requirements.
- Stand-by support after office hours and during weekend/public holidays.
- Hold relevant security certifications such as Security+, CEH, OSCP, SANS GMON, GCIA or GCIH.
- Good communication skills.
- Programming skills, including the ability to script in Python, are desirable.
- Passionate about security and self-development, keeping up to date with the evolving threat and vulnerability landscape, new technologies and service improvements.
- Previous exposure to working with an MSSP is an advantage.
- Knowledge of and experience with SOAR platforms is desirable.