Security Analyst [SOC]

JOB SUMMARY:
The Role:

Essential Function:

• Monitor, Manage and configure of Security Tools 
• Monitor User, Network, Threat and other events from security tools to identify abnormal activity indicating security incidents
• Review and correlate incident information ...
  
  

  JOB DESCRIPTION:
  

  The Role:

  Essential Function:

  • Monitor, Manage and configure of Security Tools 
  • Monitor User, Network, Threat and other events from security tools to identify abnormal activity indicating security incidents
  • Review and correlate incident information to determine and assess their urgency and impact - Perform Threat Intel Research and understand current CyberSecurity Threats, Tactics and techniques
  • Establish a detailed understanding of clientâ??s infrastructure
  • Establish a detailed understanding of clients incidence response processes 
  • Research and understand and stay abreast with the Mitre Attck Framework 
  • Create and update Security incidents in ITSM platform with detailed information of logs relevant to the incident 
  • Update and track incidents and requests based on analysis results and incident response updates
  • Escalate validated and confirmed Incidents to TIER 2 and designated incident response teams
  • Work Closely with other security teams and designated incident response teams
  • Create client request for information elements and reports
  • Identify gaps and/or omissions in security detection and posture. 
  • Provide input into Run-book and playbook development
  • Assist in automation of response and remediation processes. 
  • Support and assist senior analysts

  Skills and Experience:

  Essential Qualification:

  • Grade 12
  • Industry recognised (vendor neutral) security certification (e.g. CISSP, CEH, Security+, GIAC, etc.)

  Preferred Qualification:

  • Hold an industry recognised (vendor neutral) security certification (e.g. CISSP, CEH, Security+, etc.)
  • Degree (or equivalent) in Information Technology/Security, Engineering or related field of study preferred (alternatively an equivalent combination of education and experience).
  • 3 to 5 years in a hands-on security role, with a strong background in security tools including but not limited to firewalls, IDS/IPS, proxy servers and endpoint protection
  • Holds a recognised SIEM Tool Certification

  Required Experience:

  • 2+ Years of experience with Information Security with experience in a SOC environment, with demonstrable expertise in SIEM (LogPoint, QRadar, Splunk McAfee or ArcSight)
  • 5+ Years of experience in an operations focused information security role

  Other:

  Work Environment:

  • Security Operations Centre

  Physical demands:

  • Office Based in the Security Operations Centre Ad-Hoc Remote support

  Travel:

  • Potential travel after hours/weekends for breach incidents

   

  NB! This job is now closed. You can apply for other jobs by uploading your CV.

  
  

  ---

   

  New users - Upload your CV

  Existing users - Login here