Senior Cyber Incident Response Specialist

 

Recruiter:

SM Squared Talent (Pty) Ltd

Job Ref:

PTA000253/MB

Date posted:

Tuesday, April 19, 2022

Location:

Midrand, South Africa


JOB SUMMARY:
SM2 Talent Solutions specializes in sourcing experienced professionals across all demographics and industries, from entry level to executive leadership, on a temporary basis or on a temporary basis with a view to assessing suitability for a permanent position.
 
Job Description: Senior Cyber Incident Response Specialist
Industry: Global professional services
Location: Across South Africa, Africa and The Netherlands
Start date: May / June 2022
Availability: immediately would be advantageous
 
Please read the requirements before applying

JOB DESCRIPTION:

Data leaks, ransomware, unusual network traffic. Cyber criminals, from insider threats to nation-state sponsored hackers.
Our IR teams support our clients in 24x7 engagements with on-site and (mostly) remote technical analysis. This usually involves collecting data (log files, forensic images, memory images, SIEM and EDR data, etc.), processing this data in the relevant tools (Splunk, forensic tools, custom scripts), analysing the data for traces related to the incident, and reporting on our findings and recommendations. You make a difference for our clients by performing sharp, technical analyses and by carrying out targeted containment and eradication actions. You are often also asked to give tactical advice, which makes an enormous impact and is valued by the client.
  • We currently have a core team of 5 FTE that is expected to grow to 10 FTE by Q2 2022.
  • The work is obviously quite unpredictable and has an ebb and flow (peaks and dips) in terms of actual IR work.
  • This workload is complemented by IR-related activities we perform for retainer and other clients, such as threat hunting, IR tabletops, incident readiness assessments, training, MDR services, compromise assessments and IR playbook development.
  • We could use ad-hoc support in IR cases (all phases really, although expected to be mostly in the analysis stage), which would be at relatively short notice given the nature of the work. For larger incidents, we often see a build-up where it is fine to expand the team over the course of 1-2 weeks.
  • We could also use support in some of the non-IR work mentioned under the third bullet. This is much more plannable work, both in terms of volume over an entire FY and for the short to mid term (weeks to months). Being able to hand over some of the legwork in those activities keeps the hands of the IR team (more) free for new incoming IR requests.
  • Technical investigations of cyber incidents: from analysis of log files, Windows event logs and Linux artifacts through to correlations in EDR tooling, network monitoring tools and SIEM.
  • In-depth analysis of malware, threat intelligence and other relevant sources (including reverse engineering).
  • Tactical support such as advice on triage, containment, eradication and broader coordination in cyber incidents.
  • Forensic analysis of systems and networks
  • Memory forensics
  • Performing Compromise Assessments and Threat Hunting projects in SIEM and EDR tooling.
  • Creation of custom scripts for parsing special log files, data sets and images, etc.
  • Creation of complex timelines based on findings and observations
  • Member of the broader Firm Response Team, adding CIR skills to the overall team that includes privacy, crisis management, crisis communication, forensic investigations and ICS/OT.
  • Part of the EMEA and Global technical incident responder community to build a strong network and share knowledge base.
  • Flexible working hours to support the customer during high-impact incidents
Education:
For the role of Senior Cyber Incident Response Specialist, you also have:
  • An excellent command of written and spoken English at a professional level. Writing and speaking Dutch at a professional level is a plus.
  • At least 2 years of experience in Cyber Incident Response and digital forensics.
  • Master’s or bachelor’s degree in computer science (or related field).
  • Hands-on skills to perform sharp and in-depth analyses, both using tooling such as EDR and network sensors and through manual analysis if the tools are not available.
  • Certifications like GCIH, GCFE, GCFA, GNFA, GREM.
  • Affinity with offensive security work (pentesting etc) is definitely useful
  • Experience in systems and/or network administration is a big plus
  • Ability to work under pressure and keep track of the big picture while performing in-depth analysis
  • Excellent communication skills (both verbally and written)
  • Exceptional social skills, willingness and experience in being a team player and dealing with people from various backgrounds and areas across the company, combined with the ability to work independently.
  • The ability to handle sensitive client information with trust and confidentiality.
If you would like to be considered, please apply directly.