Company Info
Clear Leaf Consulting (Pty) Ltd
Glenvista, GP, South Africa



Security Operations Centre Support Engineer

Location: Pretoria, Gauteng

Suburb: Menlyn

Salary: R15 000 - R25 000 per month

Posted: 02-01-2017

Job Type: Permanent

Job Level: Skilled

Employment Equity: Open to All Candidates

Job Description:

This job function is to provide dedicated “eyes on glass” monitoring and analysis capability for SOC operations. The analyst will also conduct analysis of security events to include validation, escalation and reporting of events of interest based on the guidelines and event handlers provided to them. The Support Engineer will be responsible for all such events of interest and will make sure they are continuously monitored and reviewed.

Key areas of responsibility:

  • This position is part of a “Follow the Sun” initiative (various offices across the globe relieve one another of service across time differences), thus there will be rotational schedules (3 days at work, 2 days off). This is a 365 day / 7 days per week / 24 hours a day department.
  • Monitoring and analysis of cyber security events
  • Services monitored will include, but are not limited to, SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP), DAM, ePO
  • Security Event Correlation and Reporting to appropriate Tier 2 Security Analyst or Incident Response staff or relevant sources to determine increased risk to the business
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
  • Monitoring that all Security tools are working properly
  • Check external feedback from other teams on a daily basis and apply the results effectively
  • Get feedback from the shift team on a weekly basis and assist where possible to address points of frustration
  • Updates inaccurate and adds missing knowledge base documents where required
  • Handles escalations effectively, ensuring a minimal number of duplicate escalations are created
  • When acknowledging alerts, ensures alerts are closed at the end of every shift
  • Monitors alerts and incidents diligently by actioning them in a timeous manner
  • Investigates alerts using the systems provided and adds investigation details to escalated incident descriptions
  • Reports back on identified trends that may be forming and/or proactive actions taken to reduce spam
  • Ensures all tasks/incidents are assigned to the correct support teams

Desired qualifications and experience:

  • Security Operations Center (SOC) environment experience, with at least 3 years of IT experience including 1+ years of related SOC and incident monitoring experience, is a MUST
  • Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation
  • Excellent analytical and problem solving skills
  • Experience with technical writing
  • Possess an understanding of security standards and risk management
  • Have excellent written and verbal communication skills
  • Possess the ability to adjust and adapt to changing priorities in a dynamic environment
  • Be able to multi-task and be pro-active in addressing issues and requests
  • Possess technical acumen and the ability to understand and interpret technical specifications
  • Security+ beneficial but not required

Job Category: Information Security, IT Security




Copyright © 2017 CompuJobs | All Rights Reserved