The Role
iOCO Infrastructure Services Invites You to Explore Possibilities. We are seeking a Cybersecurity Analyst – L2 Senior who will be tasked with conducting deeper investigations and handling escalated incidents. This role involves collaborating with L1 analysts, responding to more sophisticated threats, and playing an essential part in the organization's incident response plan.
Skills and Experience
What you'll do:
Incident Investigation:
Investigate and validate potential threats, including the identification of malicious activity across networks and systems.
Malware Analysis.
Incident Handling:
Lead the response for complex security events such as targeted attacks, advanced malware, and potential breaches. Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts.
Containment:
Initiate the incident response process upon detection of security incidents. Log incidents and alert investigations, documenting findings and outcomes in ticketing systems.
Collaborative Response:
Work closely with the L1 team.
Forensic Analysis.
Threat Intelligence.
Improving Detection:
Manage and detect security alerts and events from SIEM and other monitoring platforms.
Modify and tune security monitoring tools (e.g., SIEM correlation rules).
Review data from critical systems to enhance defence controls.
Conduct rule testing and refinement.
Review and validate new and existing SIEM alerts, ensuring they align with threat hunting frameworks like MITRE ATT&CK.
Security Audits.
Incident Reporting.
Vulnerability Management.
Change Management:
Create and manage change control requests.
Automation SOAR Solutions and playbooks.
Client Interaction and Reporting.
System Integration and deployment:
Assist in the integration of systems and platforms.
Ensure that security automation tools are integrated.
Monitor the health of log sources.
Performance Monitoring:
Track alert severity, analyst workload, and response times (MTTD, MTTR) to optimize operations.
Your expertise:
4 years of experience in a cybersecurity role.
In-Depth IT Security Knowledge: Strong understanding of security protocols, fundamental understanding of operating systems (Windows, Linux), encryption standards, authentication mechanisms, and common attack vectors (e.g., XSS, SQL Injection, buffer overflow) and advanced networking concepts (IP, DNS, TCP/IP).
Tools Proficiency: Experience using security tools such as:
SIEM
Secure web Gateways
Mail web Gateways
Security detection and response
EPP +EDR
Vulnerability Management
SASE
Programming Language
Preferred Certification and Experience:
Logpoint (Preferred)
AlienVault
Elastic Search
Symantec +EDR, WithSecure +EDR, Trend Micro +EDR
WithSecure Vulnerability Management
Python
Azure
AWS
Programming and Scripting Expertise: Basic proficiency in scripting (e.g., Python, Bash, PowerShell) to automate security tasks and analyse logs. Proficient in regular expression and have the ability to build queries.
Report Writing: Ability to clearly and concisely document incidents, procedures, and technical investigations for both technical and non-technical stakeholders.
Qualifications required:
Industry certifications such as CySA+, CISSP (Certified Information Systems Security Professional) are advantageous.
Other information applicable to the opportunity:
Permanent Position
Location: Pretoria
Travel: Travelling might be required
Why work for us?
If the daily grind makes you wonder if there's more to life than work, get ready to discover a professional journey that embraces excellence without compromise.
You've arrived at iOCO Infrastructure Services (iOCO IS), where we are all about delivering outstanding client experiences through sustainable, innovative IT infrastructure solutions that tackle business challenges head-on.
At our core, we're challengers, disruptors, and innovators. We're a community of skilled professionals with an ambitious spirit dedicated to providing for our clients while finding joy in the process. Our clients are at the heart of everything we do. Their satisfaction fuels our fire and propels us forward.
#J-18808-Ljbffr