Cybersecurity Analyst – L2 Senior

at iOCO

Pretoria, Gauteng, South Africa

Start Date: Immediate
Expiry Date: 01 Feb, 2025
Salary: Not Specified
Posted On: 01 Nov, 2024
Experience: 4 year(s) or above
Skills: Operating Systems, IP, CISSP, Security Protocols, Linux, SQL Injection, Security Tools, Windows
Telecommute: No
Sponsor Visa: No

Description:

QUALIFICATIONS REQUIRED:

  • Industry certifications such as CySA+, CISSP (Certified Information Systems Security Professional) and Microsoft Certified: Security Operations Analyst Associate are advantageous.

Responsibilities:

THE ROLE

iOCO Infrastructure Services Invites You to Explore Possibilities. We are seeking a Cybersecurity Analyst – L2 Senior who will be tasked with conducting deeper investigations and handling escalated incidents. This role involves collaborating with L1 analysts, responding to more sophisticated threats, and playing an essential part in the organization’s incident response plan.

WHAT YOU’LL DO:

Incident Investigation:

  • Investigate and validate potential threats, including the identification of malicious activity across networks and systems.
  • Malware Analysis.

Incident Handling:

  • Lead the response for complex security events such as targeted attacks, advanced malware, and potential breaches. Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts.

Containment:

  • Initiate the incident response process upon detection of security incidents. Log incidents and alert investigations, documenting findings and outcomes in ticketing systems.

Collaborative Response:

  • Work closely with the L1 team.
  • Forensic Analysis.
  • Threat Intelligence.

Improving Detection:

  • Manage and detect security alerts and events from SIEM and other monitoring platforms.
  • Modify and tune security monitoring tools (e.g., SIEM correlation rules).
  • Review data from critical systems to enhance defence controls.
  • Conduct rule testing and refinement.
  • Review and validate new and existing SIEM alerts, ensuring they align with threat hunting frameworks like MITRE ATT&CK.
  • Security Audits.
  • Incident Reporting.
  • Vulnerability Management.

Change Management:

  • Create and manage change control requests.
  • Automation SOAR Solutions and playbooks.
  • Client Interaction and Reporting.

System Integration and Deployment:

  • Assist in the integration of systems and platforms.
  • Ensure that security automation tools are integrated.
  • Monitor the health of log sources.

Performance Monitoring:

  • Track alert severity, analyst workload, and response times (MTTD, MTTR) to optimize operations.


REQUIREMENT SUMMARY

Min: 4.0 / Max: 9.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Other

Graduate

Proficient

1

Pretoria, Gauteng, South Africa