CSOC Analyst

Cape Town, Western Cape, South Africa

Applications have closed

The CSOC Analyst role is part of the Cyber Security Operations Centre (CSOC) and sits within the Security & Networks area of Content + Cloud. The candidate will be an active player within the Cyber Security Operations Centre (CSOC) using a variety of SIEM and security toolsets to meet the requirements of the business and its customers.

This is a hands-on role and requires broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customers' environments.

Requirements

  • Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
  • Perform prompt and effective triage and investigation of security events and incidents, applying sound problem-solving methods to determine scope, urgency, and potential impact.
  • Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
  • Work with internal and external stakeholders to resolve computer security incidents and vulnerability compliance.
  • Drive customer satisfaction and continuously seek to improve operational performance.
  • Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities.

Health and Safety

Comply with Health and Safety legislation, following Content + Cloud processes to ensure your own safety and the safety of others.

Essential

  • Excellent soft skills in the form of team working, problem solving and communication.
  • A keen self-starter who can evidence excellent customer service and can collaborate effectively.
  • Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
  • Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
  • Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
  • Strong knowledge and understanding of multiple operating systems.

Desired

  • Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security; or
  • One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI
  • Experience in secured cloud architectures (Azure, AWS) and engineering solutions
  • Formal experience in Digital Forensics or experience using EnCase, FTK Imager or similar
  • An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS

All recruitment and selection for Content + Cloud is guided by the principles of our Employment Equity Plan.



Perks/benefits: Team events

Region: Africa
Country: South Africa