

Incident Response Manager

Date Added 1 Dec 2020
Expiry Date 29 Dec 2020
* There have been 18 applications to this job.
* This job has been viewed 6664 times.
Cyanre The Computer Forensic Lab

Gauteng (Pta)

Market related


Role details:
Cyanre The Digital Forensic Lab, one of the leading Digital Forensic and IR firms in South Africa, has exciting new opportunities within our Incident Response Team for an Incident Response Manager.
- - - - - - - - - - - - - -
Role Objectives:

The position is NOT within a SOC environment, but on a “feet-on-the-ground” basis whereby we assist clients during an IT security incident, either by integrating with their security team or by managing the whole incident as an outsourced service.

The main role objectives will be to actively manage and investigate IT related incidents reported by clients, to co-ordinate a rapid and effective response to major security incidents, and to manage and co-ordinate an IR team.

The incumbent will be required to respond to security incidents: establish the scope of the incident; develop and implement a containment, eradication and remediation strategy; identify and collect network and system logs for deep-dive forensic investigation; conduct a detailed analysis of the data gathered to identify and report on how and why the breach occurred and what actions were taken by the perpetrators; and advise clients regarding underlying issues, control processes and security optimisation to minimise or prevent future breaks in service.

Key Responsibilities:

• Manage investigations into IT related incidents by co-ordinating a rapid and effective response for clients
• Co-ordinate the rapid and effective handling of major incidents and lead the investigation of incidents through root cause analysis or through proactive trend analysis and monitoring.
• Continuous improvement to ensure effective service: examine potential areas for service improvement and raise proposals with senior management, as well as continuous knowledge development on malware and exploits used by perpetrators
• Service delivery to ensure customer satisfaction: maintain service, quality and desired outputs across the business process by ensuring compliance with tactical policies, procedures and standards.
• Ensure cost efficiency through financial and corporate governance: contribute to the development and implementation of fit-for-purpose budgets.
• Continuously build and manage the relationship between the Company and clients
• People: lead, coach, guide and develop the team reporting to the function
• Develop internal training material and knowledge-sharing practices for continuous improvement and efficacy.
• Develop and perform proactive technical, procedural and governance audits on existing security programs and infrastructure to assist with compliance and security in today’s evolving landscape.

Required Knowledge, Experience and Skills:

• 5 - 8 years' experience in IT Problem Management
• 3 - 5 years' experience in Incident Response Management

Experience and/or proven knowledge of the following is required:

• Experience in project management
• Management and function of SOC/SIEM technologies
• Experience in a digital forensic environment
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Secure coding practices, ethical hacking and threat modelling
• ISO 27001/27002, ITIL and COBIT frameworks
• PCI, HIPAA, NIST, GLBA and SOX compliance assessments
• Windows, UNIX and Linux operating systems
• Application security and encryption technologies
• C, C++, C#, Java, Python, Ruby or PHP programming languages
• Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication, malware analysis and detection

Persons with the following Qualifications and/or certifications and/or a combination thereof together with the above experience will receive preference:

• A bachelor’s degree in Computer Science, Cyber Security or a related field.
• Product-specific certifications (including FireEye, RSA, Splunk, ArcSight, Elasticsearch, Oxygen, Cybereason, CrowdStrike, AlienVault, Check Point, Palo Alto, Sophos, McAfee, Trustwave, FortiGate, Cisco, Juniper, Panda Security, etc.)
• ITIL certification
• CompTIA Security+
• GSEC: GIAC Security Essentials Certification
• SSCP: Systems Security Certified Practitioner
• CISSP: Certified Information Systems Security Professional
• CISA: Certified Information Systems Auditor
• CISM: Certified Information Security Manager
• GCIH: GIAC Certified Incident Handler
• CEH: Certified Ethical Hacker
• OSCP: Offensive Security Certified Professional
• CASP: CompTIA Advanced Security Practitioner
• CySA+: CompTIA Cybersecurity Analyst

Applications for this role will be prioritised in line with our transformation objectives as per our Employment Equity Plan.

Only shortlisted candidates will be contacted.

Cyanre reserves the right not to fill the post.