CSOC Specialist
Content+Cloud
Cape Town, Western Cape, ZA
6d ago

The CSOC Specialist role is part of the Cyber Security Operations Centre (CSOC) and sits within the Cyber Services Department of Content + Cloud.

The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers.

This is a hands-on role and requires broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and / or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customers’ environments.

Requirements

  • Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
  • Perform the prompt and effective triage and investigation of security events and incidents applying sound problem solving methods to determine scope, urgency, and potential impact.
  • Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
  • Address technical problems; install, configure, troubleshoot and maintain security platforms. Provide specialist technical support to Incident Response (IR).
  • Collaborate with stakeholders to identify access and data collection gaps providing specialist Cyber technical advice, guidance and support.
  • Drive customer satisfaction and continuously seek to improve operational performance.
  • Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
  • Actively support the Cyber Security Operations and Cyber Security Engineering functions in the planning, development and execution of initiatives designed to improve services and performance.

Essential

  • Excellent soft skills in the form of team working, problem solving and communication.
  • A keen self-starter who can evidence excellent customer service and can collaborate effectively.
  • Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
  • Demonstrable technical knowledge, skills and / or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
  • Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS / IDS)

Desired

  • Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security; or
  • One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI
  • Experience in secured cloud architectures (Azure, AWS) and engineering solutions
  • Formal experience in Digital Forensics or experience using EnCase, FTK Imager or similar
  • An understanding of multiple operating systems and their programming interfaces such as UNIX Shell and PowerShell.
  • An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS

Benefits

  • Salary dependent on experience
  • Role based out of our Century City offices (currently working remotely)
  • 40 - 45 hours per week (This will be a mixed early and late shift rotation, over a 4 days on, 4 days off pattern - The shift times will be discussed at interview stage)
  • 20 days’ annual leave
  • Multiple HIIT, general fitness, yoga and meditation classes run virtually each week! (In addition to other wellness events and other social activities...)
  • Continual professional development plans