Cybersecurity Incident Management Specialist
3 weeks ago
**ROLE PURPOSE**
As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Management Specialist is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Management Specialist is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and information systems. The Cybersecurity Incident Management Specialist role requires strong technical skills, deep knowledge of cybersecurity principles and technologies, and the ability to work in a fast-paced, high-pressure environment. The Cybersecurity Incident Management Specialist plays a crucial role in coordinating and providing technical support to resolve cyber defense incidents across the enterprise. The Cybersecurity Incident Management Specialist is responsible for analyzing incident data, identifying vulnerabilities, and recommending remediation actions. The Cybersecurity Incident Management Specialist performs log file analysis, triages incidents, conducts trend analysis, and handles real-time incident response tasks. The Cybersecurity Incident Management Specialist tracks and documents incidents, publishes reports and collaborates with Corporate Riks and intelligence analysts. Additionally, the Cybersecurity Incident Management Specialist stays updated on the latest cyber threats and coordinates incident response functions.
He/She should ideally have competency in security incident handling analysis experience in an established SOC environment and contribute to risk management.
**ROLE REQUIREMENT**
- Adheres to the standard operating procedure and playbooks in the SOC.
- Impacts on Customer satisfaction and confidence in the SOC Service and service level performance.
- Validate and declare security incidents based on incident handling methodologies.
- Confirm severity levels (S0 to S4) using SLA severity classification.
- Provide guidance and support to SOC Analysts during incident response.
- Determine the impact on critical systems or data sets and advise on remediation steps.
- Manage security events, incidents, and service requests via the ticketing systems.
- Incident Coordination and Support:
- Provide expert technical support to Analysts and Operational personnel to resolve incidents.
- Incident Analysis and Remediation:
- Correlate incident data to identify vulnerabilities and recommend remediation.
- Analyze log files from various sources to detect network security threats.
- Perform incident triage, determine scope and impact, identify vulnerabilities, and suggest remediation actions.
- Collect intrusion artifacts and leverage data for mitigating potential incidents.
- Incident Reporting and Communication:
- Perform trend analysis and report on cyber defense incidents.
- Track and document incidents from detection to resolution and closure.
- Write and publish incident findings, guidance, and reports for relevant stakeholders.
- Real-Time Incident Handling:
- Conduct real-time incident handling tasks, including forensic collections, threat analysis, and system remediation.
- Collect artifacts and inspect for possible mitigation on enterprise systems.
- Collaboration and Liaison:
- Serve as a technical expert and liaison to Incident Analysts and Operational personnel.
- Coordinate with intelligence analysts to correlate threat assessment data.
Additional Information:
- Good understanding of security incident analysis and incident handling practices, proficient knowledge of networking protocols, operating systems, and security architecture in an established SOC.
- Individuals at this level are competent in best practices in security incident handling in an established SOC.
- Able to build strong interpersonal relationships with the SOC team and customer stakeholders.
- Competent communication skills and communication of complex information to non-technical stakeholders.
- Competent in producing and presenting work.
**TECHNICAL / PROFESSIONAL COMPETENCIES**
- Adhere to operational processes in the NIST CSF, CIS CSC, NIST SP 800-53, and MITRE ATT&CK framework
- Prior experience to advise, plan, deploy, configure, manage, and monitoring large-scale and complex cyber defence and IT risk management and information or cybersecurity solutions.
**QUALIFICATIONS & EXPERIENCE**
- Grade 12
- One or more of these industry Cybersecurity Certifications: such as CISSP, GCIH, GCIA, or relevant vendor-specific certifications
- Minimum of four (4) years of work experience, and three (3) years of relevant experience in an established SOC and information security/cybersecurity
- Analytical, problem-solving, and critical-thinking skills.
- Strong knowledge of cybersecurity principles, incident response methodologies, and defense-in-depth practices.
- Proficiency in analyzing log files, conducting trend analysis, and correlating incident data.
- Experience with incident triage, vulnerability identification, and remediati
-
Specialist: Cybersecurity Incident Manager
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Specialist: Cybersecurity Incident Manager
7 days ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Specialist: Cybersecurity Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Specialist: Cybersecurity Analyst
2 months ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and...
-
Specialist: Cybersecurity Analyst
2 days ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and...
-
Specialist: Cybersecurity Analyst
7 days ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Specialist: Cybersecurity Analyst
7 days ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Senior Specialist: Cybersecurity Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and...
-
Senior Specialist: Cybersecurity Infrastructure
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Infrastructure Support will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. The Senior Specialist: Cybersecurity...
-
Specialist Cybersecurity Infrastructure Support
2 months ago
Midrand, South Africa TalentCru Full timeOur client is looking for a Specialist Cybersecurity Infrastructure Support. This individual will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. He will support the architecture, deployment, management, and maintenance of...
-
Specialist Cybersecurity Infrastructure Support
3 weeks ago
Midrand, South Africa TalentCru Full timeOur client is looking for a Specialist Cybersecurity Infrastructure Support. This individual will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. He will support the architecture, deployment, management, and maintenance of...
-
Specialist: Cybersecurity Threat Analyst
2 months ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat...
-
Specialist: Cybersecurity Threat Analyst
2 days ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat...
-
Cybersecurity Specialist
7 days ago
Midrand, Gauteng, South Africa Nambiti Technologies Full timeGauteng, Midrand- market related (Market related, Negotiable)Our client based in Gauteng is looking for a Cybersecurity Specialist with 5+ years relevant experience in Cybersecurity for a period of 5 yearsRequired skills and knowledge Wellversed with various security tools such as Burp Suite, Nmap. Nessus Qualys, Metaspoilt, etc.; Fully understanding if...
-
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Infrastructure Support will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight The Senior Specialist:Cybersecurity Infrastructure...
-
Cybersecurity Analyst
7 days ago
Midrand, Gauteng, South Africa Fidelity Services Group Full timeJob Title: Cybersecurity AnalystLocation: Ulwazi Campus Midrand/HelderkruinReports to: Information Security Manager**Job Summary:We are seeking a skilled and dedicated Cybersecurity Analyst to join our Cybersecurity team in the physical security industry. As a Cybersecurity Analyst, you will play a crucial role in ensuring the security of our diverse client...
-
Senior Specialist: Cybersecurity Threat Analyst
2 months ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat...
-
Senior Specialist: Cybersecurity Threat Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat...
-
Incident Manager
1 week ago
Midrand, South Africa Nexio Full timeNexio is a specialist ICT solution provider that helps clients build, support, and manage their IT infrastructures. We have operations in all 9 provinces across the country, over 200 clients and over 600 employees and as a Level 1 BBBEE we put to practice our commitment to South Africa’s transformation agenda, we are at the forefront of digital...
