J2 Software is an established African security-focused technology business founded in 2006 to deliver practical, world-class security services and solutions to our customers.

Using our proven approach of getting things done, we provide real solutions to everchanging cybersecurity problems.
We are here to make sure that you have enterprise-grade security, no matter the size of your business. J2 Software will deliver managed security services that are
tailored to your individual business.
No business is the same and we, therefore, know that there is no one-size-fits-all solution.
By delivering fast to implement, practical solutions we ensure that we are your strategic security partner and will be part of the journey to improved security and effective compliance which goes beyond simply ticking a checkbox. Real security allows our customers to operate more efficiently knowing that information is secured, and their reputation protected.JOB DESCRIPTION:

Your primary objective will be to proactively monitor and hunt through customer environments to detect and respond to information security threats.

You will help to protect organisations by employing a range of bleeding edge technologies and processes to prevent,
detect and manage cyber security threats.

This may include protection of computers, data, networks, applications and business operations.
In your role as Security Operations Analyst Level 2 you will be tasked with evaluating SIEM (Security Incident Event Manager) related events flagged for review by established strategies within our world-class SOC.

This evaluation is performed with various validation tools, understanding and application of computer security topics and malware infections, and identification of new techniques in making quick decisions with a high rate of accuracy.

You in this role will contribute to the strategic development of a program aimed at further enhancing our world class
experience.

The Security Operations Analyst Level 2 is expected to adhere to numerous Key Performance Indicators to ensure decisions are made balancing factors such as risk tolerance and customer experience.

- Investigation and qualification of SOC Analyst L2 incidents
- Access to Tier escalation process tools for investigation
- Proposition of specific recommendations
- Incident analysis for alarm correlation rules design and improvements / implementation
- Security crisis information gathering
- Check of applied recommendation for L1/L2 incidents
- Contextual investigation of alarms
- Client incident notification and required mitigation
- SIEM rules fine-tuning and knowledge base update
- Proactive Threat Hunting using IOCs and Threat Intelligence
- Co-operation with SOC Analysts L1 and L3 and Vulnerability for rapid alarm response
- Active participation in security forums
- Deals with alarms from SOC Analysts L1
- Updates knowledge base regularly and immediately if required
- Triggers SOC Analysts L3 escalation if needed
- Acts on security critical tickets within Tier 2 incident process
- Apply business knowledge, awareness of known attacker techniques, and use of various validation tools to provide
alarm determinations
- Validates weekly, monthly, quarterly, half and yearly reports
- Examines and monitors for attacks, intrusions and unusual, unauthorized or illegal activity
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- Investigate and solves security breaches and other cyber security incidents and provide incident response.
- Liaise with L3 and key stakeholders in relation to cyber security issues and provide future recommendations
- Install security measures and operate software to protect systems and information infrastructure, including but not
limited to firewalls and data encryption
- Report security breaches and assess the damage they cause with in RCA process
- Support and back up SOC Analyst L3 about major incidents with assigned and identified tasks by SOC Analysts L3
- Work with security teams to perform tests and uncover network and application vulnerabilities
- Fix and adjust detected vulnerabilities to maintain a high-security standard
- Stay current on IT security trends, intelligence and news
- Research security enhancements and make recommendations to management
- Min 3 years of SOC Level 1 and Min 2 years of SOC Level 2 experience
- AlienVault Certifications or similar are a plus
- 3 + years SOC and SIEM experience and know how is essential
- Security+ is required
- CySA+ or equivalent is required
- CEH is a plus
- GSEC is a plus
- SSCP is plus