Incident Response Engineer (JB)
Southern Suburbs, Cape Town
R30 per month
Duration: Permanent

Overview
As the Incident Response Engineer, you will form part of the detection and response team, investigating malicious activity, triaging incidents and assisting customers with responding to security incidents.

Minimum Criteria:
- Have a passion for cyber security
- Have troubleshooting skills and experience, at both network and application levels
- Be attentive to detail
- Have the ability to communicate clearly and effectively, particularly via email
- Be willing to work in a team environment to improve efficiencies and solve problems as a team
- Have a broad understanding of IT systems in general. Any specializations will be beneficial, but broad understanding is imperative

Duties:
- Investigate incidents to determine if they are false positives or if they require in-depth investigation.
- Investigate cases to closure.
- Where required, escalate or liaise with team members to assist in determining the outcome.
- Communication with clients is key to ensure that cases can be closed with success.
- Work with the detection team to devise new methods of detecting malicious activity.
- Review, document and refine the response procedure for alerts to ensure it is as effective as possible.
- Develop, analyse and report on alerts and their effectiveness.
- Work with detection teams to fine-tune detectors to make them less likely to create false positives.
- Work with detection and infrastructure teams to optimise the response workflow through automation, orchestration or other innovative methods.

In terms of qualifications, any general IT qualifications will be of benefit. Any security certifications or vendor-specific certifications, particularly for cyber security products, will also be beneficial.