SIRT Cyber Security Incident Responder
NTT
Johannesburg, South Africa
5d ago

What will make you a good fit for the role?

Reports to : Manager of Security Incident Response Team
Department : Security

JOB SUMMARY :

Join a highly skilled and motivated team of Cyber Security Professionals tasked with protecting Secure-24 and its customers.

The Cyber Security Analyst role is primarily focused on incident response; however, prevention, threat hunting, digital forensics and consulting also play a role.

Leverage a next generation SIEM, SOAR, cyber case management and supplementary tools to investigate, contain, and remediate cyber security incidents.

The Cyber Security Analyst must have a drive to learn and grow as the industry changes and Secure-24 adapts rapidly.

Secure-24 understands that a candidate may not possess all of the skills required of a Security Analyst for the unique service provider space.

At Secure-24 the desire to learn and the ability to grow are requirements of the position. Expert skills in other disciplines are always welcome and show a candidate's ability to adapt.

Structured training as well as on-the-job experience are a required part of the job to bring security professionals up to speed for the complex requirements and fast-paced environment of a service provider.

Security Analysts must have a drive to learn and grow as the industry changes and Secure-24 adapts.

ESSENTIAL FUNCTIONS :

  • Lead Incident Response investigations for Secure-24 and Secure-24 customers
  • Perform analysis of logs and alerts to differentiate security events from security incidents
  • Discover and correlate relationships between seemingly unrelated information
  • Obtain corroborating evidence through packet analysis of network traffic
  • Continuously improve incident response procedures
  • Handle security incident escalation via Cyber Case Management tools, SOAR, SIEM, ITSM, email, phone, or walk-up
  • Manage and coordinate security incidents to completion and work with internal teams for remediation or escalation assistance
  • Tune and troubleshoot SIEM, IDP and other relevant security systems

MINIMUM QUALIFICATIONS :

  • Experience reviewing and analyzing log data from various network and security devices
  • Experience with well-known information security related tools for packet capture, network / OS fingerprinting, and communication
  • Familiarity with Windows and Linux operating systems including command line operation
  • Possess a strong foundation in networking fundamentals with deeper knowledge of TCP / IP and other core protocols
  • Knowledge of common network based services and common client / server applications
  • Excellent verbal / written communication, interpersonal and organizational skills
  • Communicate effectively with varied levels of staff to develop positive working relationships
  • Ability to continuously improve skillset to combat changing threat landscape
  • Excellent problem solving skills to diagnose technical issues
  • Manage customer situations professionally to aid in positive customer satisfaction
  • Ability to learn new technology and concepts quickly
  • Ability to work on a shift or on-call rotation if needed

PREFERRED QUALIFICATIONS :

  • Experience working in a mission critical operations team
  • Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics and exfiltration techniques
  • Experience with enterprise SIEM products
  • Experience with ITSM, IT GRC, SOAR, and / or Cyber Case Management Tools
  • Scripting with Python, Perl, Bash and / or PowerShell
  • Database structures and queries, Regular Expressions
  • Experience acquiring and analyzing data from clients and servers related to security incident response
  • Digital Forensic or Threat Intelligence work

EDUCATION and TRAINING :

  • BS degree in relevant field or 3 years equivalent work experience
  • IT, ITIL and Security related certifications desired
  • Recent CFCE / CCE / EnCE, CSFA or relevant active GIAC SANS certifications are desired