Incident Response Technician
Job Ref
284793
Job Type
Permanent
Employer Type
Company
Date Added
12 Jul 2022
Expiry Date 9 Aug 2022
Employer:
Cyanre The Computer Forensic Lab
Location:
Gauteng
Salary:
Market related
Benefits:
Role details:
We have an exciting new opportunity within our Incident Response Team for an Incident Response Technician.
Role Objectives: The position is NOT within a SOC environment but is rather a feet-on-the-ground role, in which we assist clients during an IT security incident either by integrating with their security team or by managing the whole incident as an outsourced service.
The main objectives of the role will be to actively manage and investigate IT-related incidents reported by our clients. This will allow us to co-ordinate a rapid and effective response to major security incidents through the management and co-ordination of an IR team.
Incumbents will be required to respond to security incidents in order to:
- Establish the scope of the incident
- Develop and implement containment measures as well as an eradication and remediation strategy
- Identify and collect network information, including system logs, in order to conduct a deep-dive forensic investigation and a detailed analysis of the data gathered, to identify and report on how and why the breach occurred and what actions were taken by the perpetrators, and to advise clients on the underlying issues, control processes and security optimisation in order to minimise or prevent future breaks in service.
Key Responsibilities:
- Handling of major incidents and investigation of incidents through root cause analysis or through proactive trend analysis and monitoring.
- Continuous improvement to ensure effective service: examine potential areas for service improvement and raise proposals with senior management, as well as continued knowledge development on malware and exploits used by perpetrators.
- Service delivery to ensure customer satisfaction: maintain service, quality and desired outputs across the business process by ensuring compliance with tactical policies, procedures and standards.
- Ensure cost efficiency through financial and corporate governance: contribute to the development and implementation of fit-for-purpose budgets.
- Continuously build and manage the relationship between the Company and clients.
- People: lead, coach, guide and develop the team reporting to the function.
- Develop internal training material and knowledge-sharing practices for continuous improvement and efficacy.
- Develop and perform proactive technical, procedural and governance audits on existing security programs and infrastructure to assist with compliance and security in today's evolving landscape.
Required Knowledge, Experience and Skills:
- 3 - 5 years' experience in IT Problem Management
- 2 - 3 years' experience in Incident Response Management
Experience in and/or proven knowledge of the following is required:
- Project management
- Functioning of SOC/SIEM technologies
- Working in a digital forensic environment
- IDS/IPS, penetration and vulnerability testing
- Firewall and intrusion detection/prevention protocols
- Secure coding practices, ethical hacking and threat modelling
- ISO 27001/27002, ITIL and COBIT frameworks
- PCI, HIPAA, NIST, GLBA and SOX compliance assessments
- Windows, UNIX and Linux operating systems
- Application security and encryption technologies
- C, C++, C#, Java, Python, Ruby or PHP programming languages
- Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
- Network and web-related protocols (e.g. TCP/IP, UDP, IPsec, HTTP, HTTPS, routing protocols)
- Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication, malware analysis and detection
Qualifications and/or certifications, or a combination thereof together with the above experience, will receive preference:
- A degree in Computer Science, Cyber Security or a related field
- Product-specific certifications (including FireEye, RSA, Splunk, ArcSight, Elasticsearch, Oxygen, Cybereason, CrowdStrike, AlienVault, Check Point, Palo Alto, Sophos, McAfee, Trustwave, FortiGate, Cisco, Juniper, Panda Security, etc.)
- ITIL certification
- CompTIA Security+
- GSEC: GIAC Security Essentials Certification
- SSCP: Systems Security Certified Practitioner
- CISSP: Certified Information Systems Security Professional
- CISA: Certified Information Systems Auditor
- CISM: Certified Information Security Manager
- GCIH: GIAC Certified Incident Handler
- CEH: Certified Ethical Hacker
- OSCP: Offensive Security Certified Professional
- CASP: CompTIA Advanced Security Practitioner
- CySA+: CompTIA Cybersecurity Analyst