Security Incident Response Analyst IT - Johannesburg

• 7+ years of professional IT experience in either, but not limited to systems administration, systems

engineering, and/or TCP/IP network administration

• 3+ years of professional IT experience including experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling and platform management
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods including malware, emerging threats, attacks, and vulnerability management
• TCP/IP knowledge, networking, and security product experience
• Demonstrable experience of analysing and interpreting system, security, and application logs
• Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce
• Experience with various security technology platforms such as, but not limited to: SIEM, AV, ETDR, DLP, Email Security
• Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
• Experience assisting the development and maintenance of tools, procedures, and documentation
• Customer service including the resolution of customer escalations, incident handling, and response
• Highly proficient in spoken and written English

Duties:

• Handling of Incidents through ticketing systems and follow through completion and/or escalation in

accordance with established procedures.

• Work in correlation with SLAs as applicable for day-to-day Operations
• Troubleshooting security incidents, reported by end-users, or discovered by proactive health checks
• Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat

data sources

• Respond to inbound requests via email and other electronic means for technical assistance with security

managed services

• Case escalation and management
• Resolve problems independently and understand escalation procedure
• General administration (user accounts, settings, policies, groups, etc.)
• Miscellaneous security platform specific outputs
• Assist in the recommendation for improvements and the development of technical standards
• Create, follow, and present detailed operational process and procedures to appropriately analyse, escalate,

and assist in remediation of critical information security incidents

• Create, follow, and present customer reports to ensure quality, accuracy, and value to the Client

Find Us on Social Media