We have an exciting opportunity with one of our clients, an international software house. They are currently looking for a Support Engineer to join their Security Operations Centre. This is a great opportunity to join a relaxed, positive and cohesive team where flip-flops and a T-shirt are the everyday dress code.
More about the organization:
They don’t care about what you wear, who you know or where you’re from. They do, however, care about what you know, what you can do, and where you want to go in your career.
They work hard at creating exceptional teams who can deliver incredible products. The best way of doing this is to bring like-minded people together in a stimulating environment, where they can collaborate creatively and technically on challenging projects.
Investing in their people is key. Each person is encouraged to improve their skills and knowledge, and continually challenged to reach their full potential. They don’t just want people to work at their organization; they want people to grow there!
It’s this culture that inspires the professionalism and dedication that makes them one of the foremost software development houses in the world.
This job function is to provide dedicated “eyes on glass” monitoring and analysis capability for SOC operations. The engineer will also analyse security events, including validation, escalation and reporting of events of interest, based on the guidelines and event handlers provided to them. The SOC Engineer will be responsible for all such events of interest and will make sure they are continuously monitored and reviewed.
- Monitoring and analysis of cyber security events
- Services monitored will include, but are not limited to, SIEM, IDS/IPS, firewalls, Web Application Firewalls (WAF), Data Loss Prevention (DLP), Database Activity Monitoring (DAM) and McAfee ePolicy Orchestrator (ePO)
- Correlate security events and report them to the appropriate Tier 2 Security Analyst, Incident Response staff or other relevant parties to determine whether the risk to the business has increased
- Recognise potential, successful and unsuccessful intrusion attempts and compromises through review and analysis of relevant event detail and summary information
- Monitor that all security tools are working properly
- Check external feedback from other teams on a daily basis and apply the results effectively
- Get feedback from the shift team on a weekly basis and assist where possible to address points of frustration
- Update inaccurate knowledge base documents and add missing ones where required
- Handle escalations effectively, ensuring that duplicate escalations are kept to a minimum
- Ensure that alerts acknowledged during a shift are closed by the end of that shift
- Monitor alerts and incidents diligently by actioning them in a timely manner
- Investigate alerts using the systems provided and add investigation details to the descriptions of escalated incidents
- Report back on trends that may be forming and on proactive actions taken to reduce alert noise
- Ensure all tasks/incidents are assigned to the correct support teams
The engineer needs to bring a security perspective to all work being done, keeping the three principles of Confidentiality, Integrity and Availability (CIA) in mind.
- Security experience would be beneficial but not required
- Must have at least 3 years Professional IT experience
- Excellent analytical and problem-solving skills
- Experience with technical writing
- Possess an understanding of security standards and risk management
- Have excellent written and verbal communication skills
- Possess the ability to adjust and adapt to changing priorities in a dynamic environment
- Be able to multi-task and be pro-active in addressing issues and requests
- Possess technical acumen and the ability to understand and interpret technical specifications