Security Operations Centre Support Engineer - Pretoria

Salary: Negotiable. Location: Pretoria, Gauteng. Listing dates: 02-01-2017 4:00:51 PM to 30-01-2017 4:00:51 PM
This job function is to provide dedicated "eyes on glass" monitoring and analysis capability for SOC operations. The analyst will also conduct analysis of security events, including validation, escalation and reporting of events of interest, based on the guidelines and event handlers provided to them. The Support Engineer will be responsible for all such events of interest and will make sure they are continuously monitored and reviewed.

Key areas of responsibility:

  • This position is a "Follow the Sun" initiative (various offices across the globe relieve one another of service across time differences), so there will be rotational schedules (3 days at work, 2 days off); this is a 365-day, 7-days-per-week, 24-hours-a-day department.
  • Monitoring and analysis of cyber security events
  • Services monitored will include, but are not limited to SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP), DAM, ePO
  • Security Event Correlation and Reporting to appropriate Tier 2 Security Analyst or Incident Response staff or relevant sources to determine increased risk to the business
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Monitoring that all Security tools are working properly
  • Check external feedback from other teams on a daily basis and apply the results effectively
  • Get feedback from the shift team on a weekly basis and assist where possible to address points of frustration
  • Updates inaccurate knowledge base documents and adds missing ones where required
  • Handles escalations effectively, ensuring a minimal number of duplicate escalations created
  • When acknowledging alerts, ensures alerts are closed at the end of every shift
  • Monitors alerts and incidents diligently by actioning them in a timeous manner
  • Investigates alerts using the systems provided and adds investigation details to escalated incident descriptions
  • Reports back on identified trends that may be forming and/or proactive actions taken to reduce spam
  • Ensures all tasks/incidents are assigned to the correct support teams

Desired qualifications and experience:

  • Security Operations Center (SOC) environment experience: at least 3 years of IT experience, including 1+ years of related SOC and incident monitoring experience, is a MUST
  • Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation
  • Excellent analytical and problem solving skills
  • Experience with technical writing
  • Possess an understanding of security standards and risk management
  • Have excellent written and verbal communication skills
  • Possess the ability to adjust and adapt to changing priorities in a dynamic environment
  • Be able to multi-task and be pro-active in addressing issues and requests
  • Possess technical acumen and the ability to understand and interpret technical specifications
  • Security+ beneficial but not required

Recruiter: CompuJobs