Senior Cyber Incident Response Specialist

 

Recruiter: SM Squared Talent (Pty) Ltd
Job Ref: PTA000253/MB
Date posted: Tuesday, April 19, 2022
Location: Midrand, South Africa


JOB SUMMARY:
SM2 Talent Solutions specializes in sourcing experienced professionals across all demographics and industries, from entry level to executive leadership, on a temporary basis, or on a temporary basis with a view to assessing suitability for a permanent position.
 
Job Description: Senior Cyber Incident Response Specialist
Industry: Global professional services
Location: Across South Africa, Africa and The Netherlands
Start date: May / June 2022
Availability: Immediate availability would be advantageous
 
Please read the requirements before applying.

JOB DESCRIPTION:

Data leaks, ransomware, unusual network traffic. Cyber criminals, from insider threat to nation-state sponsored hackers.
Our IR teams support our clients in 24x7 engagements with on-site and (mostly) remote technical analysis. This usually involves collecting data (log files, forensic images, memory images, SIEM and EDR data, etc.), processing this data in relevant tools (Splunk, forensic tools, custom scripts), analyzing the data for traces related to the incident and reporting on our findings and recommendations. You make a difference for our clients by performing sharp technical analyses and by carrying out targeted containment and eradication actions. You are often also asked to give tactical advice, which makes an enormous impact that is valued by the client.
  • We currently have a core team of 5 FTE that is expected to grow to 10 FTE by Q2 2022.
  • The work is obviously quite unpredictable and has an ebb and flow (peaks and dips) in terms of actual IR work.
  • This workload is complemented by IR-related activities we perform for retainer and other clients, such as threat hunting, IR tabletops, incident readiness assessments, training, MDR services, compromise assessments, and IR playbook development.
  • We could use ad-hoc support in the IR cases (all phases really, although expected to be mostly in the analysis stage), which would be at relatively short notice given the nature of the work. For larger incidents, we often see a build-up where it is fine to expand the team over the course of 1-2 weeks.
  • We could also use support in some of the non-IR work mentioned under the third bullet. This is much more plannable work, both in terms of volume over an entire FY and for the short to mid-term (weeks to months). Being able to hand over some of the legwork in those activities keeps the hands of the IR team (more) free for new incoming IR requests.

  • Technical investigations of cyber incidents: from analysis of log files, Windows event logs and Linux artifacts to correlations in EDR tooling, network monitoring tools and SIEM.
  • In-depth analysis of malware, threat intelligence and other relevant sources (incl. reverse engineering).
  • Tactical support such as advice on triage, containment, eradication and broader coordination in cyber incidents.
  • Forensic analysis of systems and networks
  • Memory forensics
  • Performing Compromise Assessments and Threat Hunting projects in SIEM and EDR tooling.
  • Creation of custom scripts for parsing special log files, data sets and images, etc.
  • Creation of complex timelines based on findings and observations
  • Member of the broader Firm Response Team, adding CIR skills to the overall team that includes privacy, crisis management, crisis communication, forensic investigations and ICS/OT.
  • Part of the EMEA and Global technical incident responder community to build a strong network and share knowledge base.
  • Flexible working hours to support the customer during high-impact incidents
Education:
For the role of Senior Cyber Incident Response Specialist, you also have:
  • Professional level of written and spoken English. Writing and speaking Dutch at a professional level is a plus.
  • An excellent command of written and spoken English.
  • At least 2 years of experience in Cyber Incident Response and digital forensics.
  • Master’s or bachelor’s degree in computer science (or related field).
  • Hands-on skills to perform sharp and in-depth analyses, both using tooling such as EDR and network sensors and through manual analysis if the tools are not available.
  • Certifications like GCIH, GCFE, GCFA, GNFA, GREM.
  • Affinity with offensive security work (pentesting etc.) is definitely useful.
  • Experience in systems and/or network administration is a big plus.
  • Ability to work under pressure and keep track of the big picture while performing in-depth analysis.
  • Excellent communication skills (both verbal and written).
  • Exceptional social skills, willingness and experience in being a team player and dealing with people from various backgrounds and areas across the company, as well as the ability to work independently.
  • The ability to handle sensitive information of clients with trust and confidentiality.
If you would like to be considered, please apply directly. For more financial jobs, please visit

 

 
