Posted on: 08 March 2023
ID 853935

Security Operations Center Analyst

Preferred skills

Security Operations Center, Cyber Kill Chain Framework, Security Operations, OSCP, Cyber-security, Operations, Burp Suite, Penetration Testing, Application Security, Hypertext Transfer Protocol (HTTP), Amazon Web Services (AWS), Information Security Analysis, Security Analysis (Securities)

Job description

About Us

Cloudtrace specializes in providing offensive and defensive cyber security services for public cloud environments. We are an AWS, Azure and GCP consulting partner and are accredited by the PCI Security Standards Council as a Qualified Security Assessor Company (QSAC). Our service offerings include penetration testing, red teaming, managed security services, digital forensics and incident response.

The Role

We are looking for a SOC Analyst to become part of our rapidly expanding team protecting our clients from cyber security threats. This is primarily a blue team role, with additional exposure to and involvement in penetration testing techniques and tools in order to validate security exposures detected by our attack surface management platform.

Our philosophy is that solid defense requires intimate knowledge of offensive tactics, and our managed security service is designed to ensure our analysts are across the latest attack techniques. This approach, combined with our cloud security expertise, allows us to provide our clients with the highest level of protection for their digital assets.

You will get the opportunity to work with government, start-up and enterprise clients as part of a passionate and experienced security team. You will also be provided with training and support for the Offensive Security Certified Professional (OSCP) certification if you do not yet hold it.

Note: This role will require candidates to perform duties on a 24/7 shift rotation basis.

Your Responsibilities

We monitor our clients' systems both internally and externally to ensure we provide a proactive response to potential security issues and detect any threats that have breached security controls.

A best-of-breed cloud-based SIEM is used to ingest and analyze events from client environments, and we apply our cloud security knowledge in conjunction with the MITRE ATT&CK Cloud Matrix to detect attacks from highly skilled adversaries. In this role you will respond to alerts within our established SLAs and investigate complex attack chains to ensure breaches are rapidly discovered and contained.

Our attack surface management service includes hourly reconnaissance and exposure testing across our clients' internet attack surface. Using penetration testing techniques, you will also review new endpoints discovered by our platform and validate any security exposures as soon as they are detected.

Your average day will include the following activities:

Investigation and response to client SIEM alerts
- Ownership through to resolution of managed SIEM alerts
- Liaison with clients to provide updates on investigation status
- Incident closure once appropriate action has been taken
- Tuning of client SIEM rules to reduce false positive rate

Monitoring of client digital attack surface exposures
- Ownership through to resolution of customer impacting exposures
- Liaison with clients to provide updates on exposure status
- Escalation to senior resources for complex exposures
- Closure of exposures once appropriate action has been taken
- Review of new assets discovered by the attack surface management platform

Client report writing
- Issuing of periodic cyber security reports for managed service clients

Managed security service projects
- Onboarding of new clients to managed services platforms
- Integration of new log sources for existing managed SIEM clients
- Development of managed incident response playbooks
- Other cyber security project work as required

Your Experience

3+ years' experience as a SOC analyst, Penetration Tester, or in a relevant field

Your Skills

The following technical skills are required to fulfil the responsibilities of the role:
- Understanding of common internet protocols (e.g. TCP/IP, DNS, HTTP, TLS)
- Knowledge of common web application security vulnerabilities
- Ability to analyze intercepted HTTP requests and identify basic security issues
- Familiarity with public cloud environments (e.g. AWS, Azure and GCP)
- Familiarity and demonstrated understanding of the Cyber Kill Chain and/or MITRE ATT&CK Framework
- Understanding and experience working with SIEM and vulnerability management tools
- Proficiency with common penetration testing tools (e.g. Burp Suite, Kali Linux, Metasploit)
- Strong understanding of Windows, UNIX, and Linux operating systems
- Formal training and certification in an IT security-related area (e.g. OSCP, SANS, CompTIA) is desired but not essential

The role requires strong written communication skills for reporting on test findings and liaising with clients on validated exposures. The ability to manage time effectively is essential, as testing engagements are typically delivered within a set timeframe and our CST service provides service level agreements for validating detected security exposures. The most important requirement, however, is a passion for learning about how systems are compromised and how security exploits are developed.
Occupation:
IT, computing jobs


This job offer is not active at the moment.