Job Description

Job specifics/responsibilities:

• Effective handling and co-ordination of security incident response activities in order to minimize impact
• Responsibility for to carry out incident response tasks and investigation tasks of the Incident throughout the incident lifecycle
• Conduct reviews to identify causes of information security incidents, develop corrective actions and re-assess risk
• Validating, verifying and reporting protective or countermeasure solutions, both technical and administrative
• Provision of Incident Response Report and lessons learnt to key stakeholders. Prevent previous incidents from recurring by documenting and learning from past incidents
• Dealing with legal and law enforcement-related issues as necessary to support the organization
• Reviews departmental tasks and designs automation to whenever necessary
• Remain current on threats affecting information risk and advise department management
• Uphold highest standard of information security practices

Supports productization initiatives by updated with future market driven technologies and process that relates to information security.
Personal skills and qualities:

• A self-motivated individual with a flexible approach to working
• Experience of working as an Incident Manager, or as a within an Information Security Response Team
• Understanding of incident handling skills - techniques, decision points and supporting tools
• Ability to manage complex situations which could potentially impact the customer business both operationally and financially
• Ability to remain calm and focused in high pressure situations identifying business resources essential to recovery
• Ability to resolve customer issues with a virtual team who may work in different departments across the global organization
• Excellent interpersonal skills with the ability to interpret and explain technical problems to non-technical business stakeholders at all levels
• Demonstrable experience of post incident review practices
• Develop and maintain a strong relationship and trust with the Client Security Teams
• Foundation technical skills - basic understanding of underlying technologies
• Strong verbal and written communication skills with experience of writing and presenting reports for audiences at all levels, especially senior management.

Technical skills: (procedures and documents the employee has to be acquainted with):

• Good knowledge of Network / System Administration.
• Good understanding of the OSI Layer and Layered Security
• Good understanding of Cloud infrastructure concepts, ie. IAAS, PAAS, SAAS
• Knowledge of types and sources of tools and equipment required to adequately equip Incident Response Teams
• Knowledge of forensic requirements for collecting and presenting evidence
• An active interest in Internet Security, incident detection, network and systems security

The Cyber Defense - Security Operations Center Analyst is an integral part of the Cyber Defense Leveraged SOC Team managing and responding to validated security incidents, both technical and non-technical.