Techsavanna Company Ltd
Job Title: Senior Cyber Security Operations Center (SOC) Analyst
We are pleased to announce the following vacancy within the Corporate Security Division.
In keeping with our current business needs, we are looking for a person who meets the criteria indicated below.
Detailed Description: The Cyber Security Operations Center (CSOC) team is responsible for monitoring, assessing and defending our clients Enterprise Information Systems. The team continuously develops and investigates correlated security event feeds, escalating any identified security incidents.
They are the primary contact for any suspected security incidents, working together with remediation teams, resolving incidents and foiling Cyber Security threats against the Clients Brand.
Reporting to the Team Leader – Cyber Security Operations Centre (CSOC), the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service at the clients CSOC, performing real-time monitoring and identification of security incidents.
He/She will help identify suspicious activity, open incident investigation tickets and escalate any key concerns to Level 2/3 for additional analysis & communication.
- Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by our client.
- Serves as a primary point of contact for reporting potential security incidents
- Validate, classify and open tickets for security incidents
- Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication
- Document security incidents as identified by the case management process
- Provide feedback on enhancing the operations of the cyber security operations Centre
- Respond to generated security alerts within the time window as defined in procedural SLAs
- Pick out potential intrusions from seemingly benign sets of audit logs or security alerts
- Triage (primary investigation) of detected security alerts and make necessary escalation decisions
- Escalation to appropriate teams, follow ups and provide assistance during remediation
- Bachelor’s degree in Electrical Engineering / Computer Science / IT Security / Information Technology
- Knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
- Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
- Experience with Microsoft Windows and *NIX operating systems are required.
- Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and Firewalls is an added advantage
- Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL is an added advantage
- Good communication and presentations skills are required
- Enthusiasm, curiosity, thirst for knowledge and passion for the job is required
- Analytical thinking
- Customer focused. Team spirit
Job Specific Questions
- Do you have a Bachelor’s degree in either Electrical Engineering, Computer Science, Information Security or Information Technology? – Required
- Do you have at least 3 months working in a Cyber Security Operations Center? Or at least 1 year working in a Busy IT Security Environment? – Required
- Do you have Knowledge of common SIEM solutions, their purpose and an understanding of how they work? – Required
- Do you have Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc. – Required
- Do you have Knowledge and/or experience with security tools such as anti-virus, Intrusion Prevention Systems and Firewalls ?- Asset
- Do you have Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL – Asset
How to Apply
If you feel that you are up to the challenge and possess the necessary qualification and experience, please send your resume with your cell phone contact indicating your experience and why you are the most suitable candidate for the role, clearly quoting the job title and job reference to the address below by 9th November 2020.