Incident Response Technician

Date Added: 22 Jun 2022
Expiry Date: 20 Jul 2022
Role details:
Cyanre The Digital Forensic Lab, one of the leading Digital Forensic and MSS firms in South Africa, has an exciting new opportunity for an Incident Response Technician located at our office in Pretoria.

We have an exciting new opportunity within our Incident Response Team for an Incident Response Technician.
Role Objectives:

The position is NOT within a SOC environment, but is rather a “feet-on-the-ground” role, whereby we assist clients during an IT security incident either by integrating with their security team or by managing the whole incident as an outsourced service.
The main objectives of the role will be to actively manage and investigate IT-related incidents reported by our clients. This will allow us to co-ordinate a rapid and effective response to major security incidents through the management and co-ordination of an IR team.
The incumbent will be required to respond to security incidents, which will involve the following:
- Establish the scope of the incident
- Develop and implement a containment measure as well as implementing an eradication and remediation strategy
- Identify and collect network information, including system logs, to support a deep-dive forensic investigation. This will allow us to conduct a detailed analysis of the data gathered, to identify and report on how and why the breach occurred and what actions were taken by the perpetrators, and to advise clients on the underlying issues, control processes and security optimisation in order to minimise or prevent future breaches and breaks in service.
Key Responsibilities:
• Handling of major incidents & investigation of incidents through root cause analysis or through proactive trend analysis and monitoring.
• Continuous improvement to ensure effective service: Examine potential areas for service improvement and raise proposals with senior management, as well as continuous knowledge development on malware and exploits used by perpetrators.
• Service delivery to ensure customer satisfaction: Maintain service, quality and desired outputs across the business process by ensuring compliance with tactical policies, procedures and standards.
• Ensure cost efficiency through financial and corporate governance: Contribute to the development and implementation of fit for purpose budgets.
• Continuously build and manage the relationship between the Company and clients
• People: Lead, coach, guide & develop team reporting to the function
• Develop internal training material and knowledge sharing practices for continuous improvement and efficacy.
• Develop and perform proactive technical, procedural and governance audits on existing security programs and infrastructure to assist with compliance and security in today’s evolving landscape.

Required Knowledge, Experience and Skills:
• 3 - 5 years' experience in IT Problem Management
• 2 - 3 years' experience in Incident Response Management

Experience and/or proven knowledge of the following is required:
• Experience in project management
• Functioning of SOC/SIEM technologies
• Experience in a digital forensic environment
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Secure coding practices, ethical hacking and threat modelling
• ISO 27001/27002, ITIL and COBIT frameworks
• PCI, HIPAA, NIST, GLBA and SOX compliance assessments
• Windows, UNIX and Linux operating systems
• Application security and encryption technologies
• C, C++, C#, Java, Python, Ruby or PHP programming languages
• Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication, malware analysis and detection

Candidates with the following qualifications and/or certifications, or a combination thereof, together with the above experience will receive preference:
• A degree in Computer Science, Cyber Security or a related field.
• Product-specific certifications (including FireEye, RSA, Splunk, ArcSight, Elasticsearch, Oxygen, Cybereason, CrowdStrike, AlienVault, Check Point, Palo Alto, Sophos, McAfee, Trustwave, FortiGate, Cisco, Juniper, Panda Security, etc.)
• ITIL certification
• CompTIA Security+
• GSEC: GIAC Security Essentials Certification
• SSCP: Systems Security Certified Practitioner
• CISSP: Certified Information Systems Security Professional
• CISA: Certified Information Systems Auditor
• CISM: Certified Information Security Manager
• GCIH: GIAC Certified Incident Handler
• CEH: Certified Ethical Hacker
• OSCP: Offensive Security Certified Professional
• CASP: CompTIA Advanced Security Practitioner
• CySA+: CompTIA Cybersecurity Analyst