Specialist Cybersecurity Incident Management
Nexio
Midrand, Gauteng
Permanent
Closing Date 13 December 2024Job Details Division: Solutions
Minimum experience: Mid-Senior
Company primary industry: Information Technology and Services
Job functional area: Information Technology
Job Description ROLE PURPOSE As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility is to detect, respond to, investigate, and mitigate cyber threats and incidents within the organization's network and information systems. This role requires strong technical skills, deep knowledge of cybersecurity principles and technologies, and the ability to work in a fast-paced, high-pressure environment. The Cybersecurity Incident Manager plays a crucial role in coordinating and providing technical support to resolve cyber defense incidents across the enterprise, analyzing incident data, identifying vulnerabilities, and recommending remediation actions.
ROLE REQUIREMENT Adhere to the standard operating procedure and playbooks in the SOC.Validate and declare security incidents based on incident handling methodologies.Confirm severity levels (S0 to S4) using SLA severity classification.Provide guidance and support to SOC Analysts during incident response.Determine the impact on critical systems or data sets and advise on remediation steps.Manage security events, incidents, and service requests via the ticketing systems.Coordinate incident response activities and ensure timely resolution.Correlate incident data to identify vulnerabilities and recommend remediation.Analyze log files from various sources to detect network security threats.Perform incident triage, determine scope and impact, identify vulnerabilities, and suggest remediation actions.Track and document incidents from detection to resolution and closure.Write and publish incident findings, guidance, and reports for relevant stakeholders.Conduct real-time incident handling tasks, including forensic collections, threat analysis, and system remediation.Coordinate with intelligence analysts to correlate threat assessment data.Additional Information: Individuals at this level are competent in best practices in security incident handling in an established SOC. They should be able to build strong interpersonal relationships with the SOC team and customer stakeholders, possess competent communication skills, and have a good understanding of security incident analysis and incident handling practices.
TECHNICAL / PROFESSIONAL COMPETENCIES Adhere to operational processes in the NIST CSF, CIS CSC, NIST SP 800-53, and MITRE ATT&CK framework.Proficient in incident triage methodologies and techniques to identify and investigate potential security threats.Prior experience to advise, plan, deploy, configure, manage, and monitor large-scale and complex cyber defense and IT risk management solutions.QUALIFICATIONS & EXPERIENCE Grade 12.One or more industry Cybersecurity Certifications such as CISSP, GCIH, GCIA, or relevant vendor-specific certifications.Minimum of four (4) years of work experience, with three (3) years of relevant experience in an established SOC and information security/cybersecurity.Strong knowledge of cybersecurity principles, incident response methodologies, and defense-in-depth practices.Excellent communication, documentation, and report-writing skills.LEADERSHIP COMPETENCY REQUIREMENTS Maintain integrity, professionalism, and promote ethical behavior.Effectively respond to and manage cybersecurity incidents.Be proactive, innovative, and demonstrate reliability.Put the customer first and maintain a positive attitude in the face of challenges.
#J-18808-Ljbffr