

Incident Response Technician

Date Added 15 Oct 2020
Expiry Date 12 Nov 2020
* There have been 26 applications to this job.
* This job has been viewed 3184 times.
Cyanre The Computer Forensic Lab

Gauteng (Pta)

ZAR35000 - ZAR40000 PM


Role details:
Cyanre The Digital Forensic Lab, one of the leading Digital Forensic and IR firms in South Africa, has exciting new opportunities within our Incident Response Team for an Incident Response Technician.

Role Objectives:

The position is NOT within a SOC environment, but on a “feet-on-the-ground” basis whereby we assist clients during an IT security incident by integrating with their security team or by managing the whole incident as an outsourced service.

The main role objectives will be to actively manage and investigate IT-related incidents reported by clients, to co-ordinate a rapid and effective response to major security incidents, and to manage and co-ordinate an IR team.

The functionaries will be required to respond to security incidents: establish the scope of the incident; develop and implement a containment, eradication and remediation strategy; identify and collect network and system logs for deep-dive forensic investigation; conduct a detailed analysis of the data gathered to identify and report on how and why the breach occurred and what actions were taken by the perpetrators; and advise clients regarding underlying issues, control processes and security optimisation to minimise or prevent future breaks in service.
- - - - - - - - - - - - - -
Key Responsibilities:

• Handling of major incidents & investigation of incidents through root cause analysis or through proactive trend analysis and monitoring.
• Continuous improvement to ensure effective service: Examine potential areas for service improvement and raise proposals with senior management, as well as continuous knowledge development on malware and exploits used by perpetrators.
• Service delivery to ensure customer satisfaction: Maintain service, quality and desired outputs across the business process by ensuring compliance with tactical policies, procedures and standards.
• Ensure cost efficiency through financial and corporate governance: Contribute to the development and implementation of fit for purpose budgets.
• Continuously build and manage the relationship between the Company and clients
• People: Lead, coach, guide & develop the team reporting to the function
• Develop internal training material and knowledge sharing practices for continuous improvement and efficacy.
• Develop and perform proactive technical, procedural and governance audits on existing security programs and infrastructure to assist with compliance and security in today’s evolving landscape.

Required Knowledge, Experience and Skills:

• 3 - 5 years' experience in IT Problem Management
• 2 - 3 years' experience in Incident Response Management

Experience and/or proven knowledge of the following is required:

• Experience in project management
• Functioning of SOC/SIEM technologies
• Experience in a digital forensic environment
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Secure coding practices, ethical hacking and threat modelling
• ISO 27001/27002, ITIL and COBIT frameworks
• PCI, HIPAA, NIST, GLBA and SOX compliance assessments
• Windows, UNIX and Linux operating systems
• Application security and encryption technologies
• C, C++, C#, Java, Python, Ruby or PHP programming languages
• Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication, Malware analysis and detection

Persons with the following Qualifications and/or certifications and/or a combination thereof together with the above experience will receive preference:

• A degree in Computer Science, Cyber Security or a related field.
• Product-specific certifications (including FireEye, RSA, Splunk, ArcSight, Elasticsearch, Oxygen, Cybereason, CrowdStrike, AlienVault, Check Point, Palo Alto, Sophos, McAfee, Trustwave, FortiGate, Cisco, Juniper, Panda Security, etc.)
• ITIL certification
• CompTIA Security+
• GSEC: GIAC Security Essentials Certification
• SSCP: Systems Security Certified Practitioner
• CISSP: Certified Information Systems Security Professional
• CISA: Certified Information Systems Auditor
• CISM: Certified Information Security Manager
• GCIH: GIAC Certified Incident Handler
• CEH: Certified Ethical Hacker
• OSCP: Offensive Security Certified Professional
• CASP: CompTIA Advanced Security Practitioner
• CySA+: CompTIA Cybersecurity Analyst

Applications for this role will be prioritised in line with our transformation objectives as per our Employment Equity Plan

Only shortlisted candidates will be contacted

Cyanre reserves the right not to fill the post.