Job title: SOC / CERT Cyber Security Analyst Level 1
Direct line manager (1): SOC Manager
Direct line manager (2): Technical Director
Cyber Defense Africa is looking for a talented and enthusiastic individual to join our team as a Cyber Security Analyst.
The Level 1 Analyst will be responsible for incident response activities, leveraging multiple security technologies, guiding and directing customers in the handling of security incidents, and examining computer and security systems using the most effective digital investigation methods to detect, validate, and mitigate computer security incidents.
First level analysts are the first line of incident response. The team operates 24/7 and is the first line of handling cybersecurity events/incidents. The Tier 1 analyst performs real-time monitoring of cybersecurity events and determines the urgency of alerts as well as those requiring escalation to Tier 2. His/her primary task is triage which includes:
- Verification – Find technical evidence that the event is a security incident, a network or device error, or simply a false positive alarm;
- Classification – Assigning a type, category, and priority for specific action related to the event, based on a preliminary assessment of the potential negative impact on confidentiality, availability, and/or information integrity;
- Determining the scope of the attack – Identify and characterize the negative impact of the incident based on the IT systems affected by the event or incident. Assess the size and scope of the incident by analyzing the affected parts of the infrastructure, services, data and business units;
- Handling – Follow existing procedures to handle the incident until it is closed or escalated to Level 2;
- Documentation – Document all actions taken to resolve the incident, i.e. critical information collected, analyses performed, corrective actions and fixes applied.
He/she will also have to:
- Conduct vulnerability testing;
- Support SOC / CERT activities as needed.
- Knowledge of network infrastructure, information security principles;
- Ability to read and understand system data, including security event logs, system logs, application logs, and network device logs;
- Understanding of enterprise technologies including operating systems, databases, and web applications;
- Possess an understanding of security technologies and tools;
- Demonstrate ability to analyze network traffic to identify attack phases.
Training & experience
- Computer science, engineering, information systems knowledge or any equivalent experience;
- Incident management and/or cybersecurity certifications (CIH, CSA, Security+, CyberOps, CEH) would be an advantage;
- Good knowledge of English.
- Passionate about cybersecurity, self-taught, with a strong ability to adapt;
- Very good communication skills, strong analytical and problem solving skills;
- Self-motivated, self-managed individual with the ability to demonstrate exceptional analytical skills and work professionally with peers and clients, even under pressure;
- Ability to work unsupervised, in potentially stressful situations, with little or no immediate supervision;
- Strong written and verbal skills;
- Strong interpersonal skills with the ability to collaborate well with others;
- Follows and adheres to procedures;
- Ability to work a shift.
If you want to join us, send your CV to firstname.lastname@example.org before December 31, 2021 at 18:30