Incident Response Technician
Job Ref
284048
Job Type
Permanent
Employer Type
Company
Date Added
1 Dec 2020
Expiry Date 29 Dec 2020
* There have been 44 applications to this job.
* This job has been viewed 11258 times.
Employer:
Cyanre The Computer Forensic Lab
Location:
Gauteng (Pta)
Salary:
Market related
Benefits:
Role details:
Role Objectives:
The position is NOT within a SOC environment, but on a feet-on-the-ground basis whereby we assist clients during an IT security incident by integrating with their security team or to manage the whole incident as an outsourced service.
The main role objectives will be to actively manage and investigate IT-related incidents reported by clients in order to co-ordinate a rapid and effective response to major security incidents, and to manage and co-ordinate an IR team.
The functionaries will be required to respond to security incidents: establish the scope of the incident; develop and implement a containment, eradication and remediation strategy; identify and collect network and system logs for deep-dive forensic investigation; conduct a detailed analysis of the data gathered to identify and report on how and why the breach occurred and what actions were taken by the perpetrators; and advise clients regarding underlying issues, control processes and security optimisation to minimise or prevent future breaks in service.
Key Responsibilities: Handling of major incidents & investigation of incidents through root cause analysis or through proactive trend analysis and monitoring.
Continuous improvement to ensure effective service: Examine potential areas for service improvement and raise proposals with senior management, as well as continuous knowledge development on malware and exploits used by perpetrators.
Service delivery to ensure customer satisfaction: Maintain service, quality and desired outputs across the business process by ensuring compliance with tactical policies, procedures and standards.
Ensure cost efficiency through financial and corporate governance: Contribute to the development and implementation of fit-for-purpose budgets.
Continuously build and manage the relationship between the Company and clients.
People: Lead, coach, guide and develop the team reporting to the function.
Develop internal training material and knowledge-sharing practices for continuous improvement and efficacy.
Develop and perform proactive technical, procedural and governance audits on existing security programs and infrastructure to assist with compliance and security in today's evolving landscape.
Required Knowledge, Experience and Skills:
3 - 5 years' experience in IT Problem Management
2 - 3 years' experience in Incident Response Management
Experience and/or proven knowledge of the following is required:
Experience in project management
Functioning of SOC/SIEM technologies
Experience in a digital forensic environment
IDS/IPS, penetration and vulnerability testing
Firewall and intrusion detection/prevention protocols
Secure coding practices, ethical hacking and threat modelling
ISO 27001/27002, ITIL and COBIT frameworks
PCI, HIPAA, NIST, GLBA and SOX compliance assessments
Windows, UNIX and Linux operating systems
Application security and encryption technologies
C, C++, C#, Java, Python, Ruby or PHP programming languages
Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication, Malware analysis and detection
Requirements:
Persons with the following Qualifications and/or certifications and/or a combination thereof together with the above experience will receive preference:
A degree in Computer Science, Cyber Security or a related field.
Product-specific certifications (including FireEye, RSA, Splunk, ArcSight, Elasticsearch, Oxygen, Cybereason, CrowdStrike, AlienVault, Check Point, Palo Alto, Sophos, McAfee, Trustwave, FortiGate, Cisco, Juniper, Panda Security, etc.)
ITIL certification
CompTIA Security+
GSEC: GIAC Security Essentials Certification
SSCP: Systems Security Certified Practitioner
CISSP: Certified Information Systems Security Professional
CISA: Certified Information Systems Auditor
CISM: Certified Information Security Manager
GCIH: GIAC Certified Incident Handler
CEH: Certified Ethical Hacker
OSCP: Offensive Security Certified Professional
CASP: CompTIA Advanced Security Practitioner
CySA+: CompTIA Cybersecurity Analyst
Applications for this role will be prioritised in line with our transformation objectives as per our Employment Equity Plan.
Only shortlisted candidates will be contacted.
Cyanre reserves the right not to fill the post.