Csoc Specialist

**Location**:
Cape Town, Western Cape

**Job Title**:
CSOC Specialist

**Salary Type**:
Negotiable

**Education Level**:
Diploma

**Job Level**:
Intermediate

**Required Experience**:
3 - 5 Years

The CSOC Specialist role is part of the Cyber Security Operations Centre (CSOC) and sits within the Cyber Services Department of Content + Cloud

This is a hands-on role and requires a broad technical knowledge, skills and abilities. Although the focus is on Cyber Security, knowledge and/or experience of modern IT systems and infrastructure is advantageous to assist with the development and continuous improvement of the security platforms within Content + Cloud and its customer’s environments.

**Requirements**:

- Work within a multi-disciplined CSOC team identifying, owning, progressing and resolving security incidents.
- Provide technical support for the identification and response to events or incidents of a suspicious or malicious nature, and apparent security breaches.
- Addresses technical problems; install, configure, troubleshoot, and provides maintenance to security platforms. Provides specialist technical support to Incident Response (IR)
- Collaborate with stakeholders to identify access and data collection gaps providing specialist Cyber technical advice, guidance and support.
- Drive customer satisfaction and continuously seek to improve operational performance.
- Maintain a continuous understanding of the threat landscape with in-depth knowledge around threat actors, TTPs and vulnerabilities
- Actively support the Cyber Security Operations and Cyber Security Engineering functions in the planning, development and execution of initiatives designed to improve services and performance.

**Essential**
- Excellent soft skills in the form of team working, problem solving and communication.
- A keen self-starter who can evidence excellent customer service and can collaborate effectively.
- Demonstrable experience working with SIEM technology, preferably within a CSOC / SOC environment
- Demonstrable technical knowledge, skills and/or experience in intrusion analysis, and network and security investigation using a variety of security tools (EDR, DLP, AV, Snort, Wireshark, TCPdump etc.).
- Working knowledge and experience of core security and infrastructure technologies (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)

**Desired**
- Having achieved at least a BSc or MSc in Cyber Security incorporating Ethical Hacking, Digital Forensics or Information Security; or
- One or more of the following industry certifications: CEH, GCIA, GCIH, GSEC, Security+, GCTI
- Experience in secured cloud architectures (Azure, AWS) and engineering solutions
- Formal experience in Digital Forensics or experience using EnCase, FTK Imager or similar
- An understanding of multiple operating systems and their programming interfaces such as UNIX Shell and PowerShell.
- An awareness of cyber security related standards and regulations, for example, NIST, CIS, ISO 27001 and PCI DSS