Security Operations Center / Kiberdrošības operāciju centra – SOC Manager
SEB
Cyber SecurityJavaScript
Senior Information Security Incident Response Analyst
NTT DATA, Inc.
full-time
Posted on:
Origin: • 🇿🇦 South Africa
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Manages the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
- Performs access management activities according to the policy.
- Implements and discusses security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
- Interacts with a global team of Cyber Security Analysts and specialists.
- Manages 2nd level triaging of security alerts, events, and notifications.
- Manages notifications of internal and/or external teams according to agreed alert priority levels, and escalation trees.
- Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
- Follows and updates established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
- Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
- Maintains an understanding of current and emerging threats, vulnerabilities, and trends.
Requirements
- Advanced understanding of End Point Protection Software.
- Advanced understanding of Enterprise Detection and Response software.
- Advanced knowledge of technological advances within the information security arena.
- Advanced understanding of inter-relationships in an overall system or process.
- Advanced knowledge of information security management and policies.
- Advanced understanding of risk management principles and frameworks.
- Advanced understanding of the organization's business operations, goals, and objectives to align incident response efforts.
- Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response.
- Ability to think critically, analyze information, and solve medium to complex problems.
- Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred.
- SANS GIAC Security Essentials (GSEC) or equivalent preferred.
- SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
- SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
- Advanced experience in a Technology Information Security Industry.
- Advanced experience or knowledge of SIEM and IPS technologies.
- Advanced experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
