Cybersecurity Analyst – L2 Senior
at iOCO
Pretoria, Gauteng, South Africa -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 01 Feb, 2025 | Not Specified | 01 Nov, 2024 | 4 year(s) or above | Operating Systems,Ip,Cissp,Security Protocols,Linux,Sql Injection,Security Tools,Windows | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
QUALIFICATIONS REQUIRED:
- Industry certifications such as CySA+, CISSP (Certified Information Systems Security Professional) are advantageous. Microsoft Certified: ontrast="auto">Security Operations Analyst Associate
Responsibilities:
THE ROLE
iOCO Infrastructure Services Invites You to Explore Possibilities. We are seeking a Cybersecurity Analyst – L2 Senior who will be tasked with conducting deeper investigations and handling escalated incidents. This role involves collaborating with L1 analysts, responding to more sophisticated threats, and playing an essential part in the organization’s incident response plan.
WHAT YOU’LL DO:
Incident Investigation:
- Investigate and validate potential threats, including the identification of malicious activity across networks and systems.
- Malware Analysis.
Incident Handling:
- Lead the response for complex security events such as targeted attacks, advanced malware, and potential breaches. Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts.
Containment:
- Initiate the incident response process upon detection of security incidents. Log incidents and alert investigations, documenting findings and outcomes in ticketing systems.
Collaborative Response:
- Work closely with the L1 team.
- Forensic Analysis.
- Threat Intelligence.
Improving Detection:
- Manage and detect security alerts and events from SIEM and other monitoring platforms.
- Modify and tune security monitoring tools (e.g., SIEM correlation rules).
- Review data from critical systems to enhance defence controls.
- Conduct rule testing and refinement.
- Review and validate new and existing SIEM alerts, ensuring they align with threat hunting frameworks like MITRE ATT&CK.
- Security Audits.
- Incident Reporting.
- Vulnerability Management.
Change Management:
- Create and manage change control requests.
- Automation SOAR Solutions and playbooks.
- Client Interaction and Reporting.
System Integration and deployment:
- Assist in the integration of systems and platforms.
- Ensure that security automation tools are integrated.
- Monitor the health of log sources.
Performance Monitoring:
- Track alert severity, analyst workload, and response times (MTTD, MTTR) to optimize operations.
REQUIREMENT SUMMARY
Min:4.0Max:9.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Proficient
1
Pretoria, Gauteng, South Africa