Role purpose: security event logging, monitoring and cybersecurity operations

• Execute on operations of the Cyber Security, Prevention and Defending stakeholders and team
• Analysing cyber security incidents to solve issues and improve incident handling procedures
• Receive Group incidents escalation and assist with real-time, continuous (24×7) security event monitoring, response, and reporting –
• Proactive coordination with appropriate users during a security incident
•  Conducting research regarding the latest methods, tools, and trends in digital forensics analysis –
• Creating thorough reports and documentation of all incidents and procedures; presenting findings to team and leadership on a routine basis
• Performs digital forensics and detailed reporting for cybersecurity and internal investigations.
• In-depth analysis and detailed reporting of threats, malware, root cause and endpoint behavior using a variety of tools including IR Case Management, EDR, SIEM, PCAP, Mitre Framework, malware sandbox.
• Collects, maintains, analyzes and action threat intelligence from both internal and external sources.
• Works in partnership with the Group Cyber Security Operations Center (CSOC) as an escalation resource for incident response and threat analysis.
• Performs other duties as assigned or required.
• Maintains the strict confidentiality of sensitive information.
• Performs other duties as assigned or required.

Core competencies, knowledge and experience:

• Degree in Computer Science/information Technology or equivalent Cyber Security/Technology -related degree
• Minimum of 3+ years of experience in Cyber Security role
• At least one professional Information Security Qualification: CEH,/CISM/CompTIA Security+
• Minimum of 1-year focused Security experience in Incident Management, Intrusion Analysis, Network troubleshooting or Reverse Engineering
• Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, SOC 2, ITIL, COBIT, and NIST.
• Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection –GDPR
• An ability to think strategically and drive change
• A deep understanding of Cyber Security risks and mitigating solutions
• A diverse security background with knowledge in several areas including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, Data Leakage and Prevention, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance.
• Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
• Windows, UNIX and Linux operating systems
• Ability to work under time and resource pressure
• An ability and desire to communicate and work with a broad set of stakeholders
• Good communication skills and team player
• Analytic Thinking

Key performance indicators:

• Tech Security Controls KPI and Performance Metrics
• Risks and Audit Points KPI
• Mitigation Plans KPI
• Project Delivery KPI
• Consultancy Delivery KPI