Search by job, company or skills
Job Description
You will be a member of the Group Information Security Team responsible for responding to threats and incidents to the corporate networks, systems (on-prem and cloud), and digital assets.
Key Responsibilities:
.Perform security monitoring and incident response activities across the scoot networks, leveraging a variety of tools and techniques.
.Manage Security Operations center.
.Detect incidents through proactive hunting across security-relevant data sets.
.Ability to correlate multiple events from different devices to identify abnormal behaviour
.Document incident response analysis activities thoroughly
.Develop new, repeatable methods for finding malicious activities
.Provide recommendations to enhance detection and protection capabilities.
.Effectively present technical topics to both technical and non-technical audiences
.Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents
.Prioritize multiple high-priority tasks and formulate responses/recommendations in a fast-paced environment
.Prepare documentation for security technical standards, standard operational procedures, and hardening standards.
.Analyse endpoint, network, and application logs
.Assist other IT teams in security-related issues
.Engage with vendors and parent company SIA team members for security reviews.
Requirements:
.Degree in Computer Engineering, Computer Science, Information Systems, or equivalent qualification.
.At least 5-6 years of experience in Cybersecurity Incident and Security Operations.
.Demonstrate experience in Information Security with a focus on Cyber Security Operations, Incident Response and Detection.
.Experience working in the Security Operations Centre and/or Computer Incident Response Team.
.Excellent problem-solving skills combined with hands-on experience doing root cause analysis and post-incident reviews.
.Solid knowledge of computer networks and common protocols
.Knowledge of prominent cyber threat actors and APT groups.
.Experience with Threat Intelligence Platforms.
.Experience with SIEM (especially Splunk).
.Professional security related qualifications (i.e. GCIA, CISSP etc) will be an advantage
.Preferred certifications: CISSP, CISM, CISA, ISMS, TOGAF, SABS
.Good interpersonal skills
Date Posted: 08/11/2024
Job ID: 99610741