Senior Specialist: Cybersecurity Infrastructure

2 weeks ago


Midrand, South Africa Nexio Full time

**ROLE PURPOSE**

As part of the customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Infrastructure Support will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, QRadar, or ArcSight. The Senior Specialist will support the architecture, deployment, management, and maintenance of these SIEM platforms, and owns the day-to-day engineering work on the Security Information and Event Management (SIEM) platforms, ensuring their stability and efficient operation.

**ROLE REQUIREMENT**
- Is familiar with the tactical and long-term vision across the Security function.
- Sets technical platform architectural direction.
- Adheres to the standard operating procedures and playbooks in the SOC.
- Has a direct impact on SOC performance.
- Impacts customer satisfaction and confidence in the SOC service and its service-level performance.
- Provides Cybersecurity Infrastructure leadership to customers and SOC Team.
- Provides technical guidance and coaching to SOC Teams.
- Gives regular, comprehensive, and constructive feedback to the team.
- Proactively seeks feedback from team members and deals constructively with any criticism.
- Adjusts management style to get the best from the individuals within the team.
- Delegates work to team members taking into account their capacity, level of skill, and exposure to different types of work and complexity; provides clear instructions and direction, with reasonable deadlines.
- SIEM Management: Monitor the environmental stability of the SIEM platform(s), manage the health of log collection methods, facilitate SIEM change requests, and manage the scheduled SIEM platform upgrades.
- SIEM Architecture Support: Support SIEM architecture changes, tool deployments, and advanced content development. Deploy SIEM hardware and software installations, both on-premise and cloud, and perform system patching and upgrades.
- SIEM Configuration: Responsible for configuration, implementation, testing, and performance enhancements for SIEM technologies, with a preference for ArcSight appliances, Azure Sentinel, or QRadar.
- Documentation: Build and maintain operational documentation to support the SIEM platform(s), write and maintain process documentation, and create, maintain, and implement detailed documentation and standard operating procedures.
- Incident Response: Assist in the response to cybersecurity incidents, providing technical expertise and support.
- Policy Enforcement: Ensure that all systems and networks comply with applicable cybersecurity policies and standards.
- Support: Provide support during weekday business hours, and provide on-call, extended-hour, and weekend support as required by the mission or by emergency situations.
- Be able to work in a fast-paced security operations environment.
- Work with systems engineers, enterprise architects, systems administrators and other technical staff on the implementation, testing, deployment and integration of computing systems.
- Interact with users and evaluate vendor products.
- Apply security settings and other commercial best practices, such as SIEM analysis services.
- Application of open source and commercial threat intelligence feeds into the SIEM.
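The "manage the health of log collection methods" duty above is the kind of check a SIEM engineer ends up scripting, because a source that stops sending never triggers an event-driven rule. The following is an added illustration, not part of this posting and not Nexio's or any vendor's tooling: it talks to no real SIEM, and the source inventory, expected cadences and log lines are all constructed for the demonstration. It reports sources whose last event is older than a multiple of their expected interval, and separately reports onboarded sources that have never been seen at all.

```python
"""
Log-source health check for a SIEM: report sources that have gone silent.

Added example; not Nexio code and not tied to ArcSight, Sentinel or QRadar.
The inventory, intervals and sample events are constructed assumptions.
"""
from datetime import datetime, timedelta, timezone

# Assumed inventory of onboarded sources: name -> source type.
# A real deployment would pull this from the SIEM connector list or a CMDB.
INVENTORY = {
    "fw-edge-01": "firewall",
    "fw-branch-02": "firewall",
    "dc-01": "domain-controller",
    "syslog-web-03": "linux-syslog",
    "syslog-db-04": "linux-syslog",   # onboarded but has never sent an event
}

# Assumed expected cadence per source type. A source is flagged once its last
# event is older than SILENCE_FACTOR times this interval.
EXPECTED_INTERVAL = {
    "firewall": timedelta(minutes=5),
    "domain-controller": timedelta(minutes=15),
    "linux-syslog": timedelta(minutes=30),
}
DEFAULT_INTERVAL = timedelta(hours=1)   # for source types not listed above
SILENCE_FACTOR = 3

# Constructed sample events: "<receipt time, UTC> <source> <message>"
SAMPLE_LOG = """\
2024-05-01T11:52:10Z fw-edge-01 deny tcp 10.0.0.5:51234 -> 203.0.113.7:445
2024-05-01T11:57:41Z fw-edge-01 permit tcp 10.0.0.9:44112 -> 198.51.100.2:443
2024-05-01T11:30:00Z fw-branch-02 permit udp 10.1.0.3:53 -> 10.1.0.1:53
2024-05-01T11:50:00Z dc-01 4624 logon user=alice workstation=WS-17
2024-05-01T09:00:15Z syslog-web-03 sshd[2201]: Accepted publickey for deploy
2024-05-01T08:59:59Z syslog-web-03 cron[118]: (root) CMD (logrotate)
"""

# Fixed "current time" so the demonstration is deterministic (assumption).
DEMO_NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)


def parse_log(text):
    """Yield (received_at, source) pairs from the constructed log format."""
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, source, _message = line.split(" ", 2)
        received = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        yield received.replace(tzinfo=timezone.utc), source


def last_seen_by_source(events):
    """Most recent receipt time per source name."""
    latest = {}
    for received, source in events:
        if source not in latest or received > latest[source]:
            latest[source] = received
    return latest


def find_silent_sources(events, now, inventory=INVENTORY,
                        expected=EXPECTED_INTERVAL, factor=SILENCE_FACTOR):
    """
    Return findings (sorted by source name) for every inventoried source whose
    last event is older than factor * expected interval. Sources with no events
    at all are reported with last_seen=None: the check iterates the inventory,
    not the event stream, precisely so that a source that never shows up is
    still caught.
    """
    latest = last_seen_by_source(events)
    findings = []
    for source, source_type in sorted(inventory.items()):
        threshold = expected.get(source_type, DEFAULT_INTERVAL) * factor
        seen = latest.get(source)
        if seen is None:
            findings.append({"source": source, "type": source_type,
                             "last_seen": None, "age_minutes": None})
        elif now - seen > threshold:
            age = int((now - seen).total_seconds() // 60)
            findings.append({"source": source, "type": source_type,
                             "last_seen": seen, "age_minutes": age})
    return findings


def run_check(now=DEMO_NOW):
    """Run the health check over the constructed sample log."""
    return find_silent_sources(parse_log(SAMPLE_LOG), now)


if __name__ == "__main__":
    for finding in run_check():
        print(finding)
```

With the sample data, fw-edge-01 and dc-01 are healthy, fw-branch-02 is flagged at 30 minutes of silence against a 15-minute threshold, syslog-web-03 at 179 minutes against 90, and syslog-db-04 is flagged as never seen. In production the inventory and intervals would be read from the platform (connector status in ArcMC, data connector health in Sentinel, log source status in QRadar) rather than hard-coded.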

**ADDITIONAL INFORMATION**

- Individuals at this level have fully developed knowledge of the business, marketplace and clients, and are recognized as experts in their own area within the organization.
- Interprets internal or external business issues and recommends best practices; provides technical guidance to more junior staff.
- Able to build strong interpersonal relationships with peers, brand leaders, and other senior management throughout the company
- Excellent verbal and written communication skills
- Able to align multiple strategies and ideas
- Confident in producing and presenting work
- In-depth understanding of the technologies and industry

**TECHNICAL / PROFESSIONAL COMPETENCIES**
- Use the MITRE ATT&CK framework (its catalogue of adversary tactics and techniques) to structure detection content and incident investigations.
- Follow the technical methods and standards defined for the SIEM platform.
- Responsible for configuration, implementation, testing, and performance enhancements for SIEM technologies, with a preference for ArcSight appliances (Logger, SmartConnectors, forwarders, ArcMC, and ESM), Azure Sentinel, or QRadar.

**QUALIFICATIONS & EXPERIENCE**
- Grade 12
- Bachelor’s Degree in Computer Science or a