Job Description
Reporting to the Team Leader – Cyber Defense Centre (CDC), the successful candidate will support cyber threat detection, working in 24/7 shifts and providing eyes-on-the-glass service at the Safaricom CSOC, performing real-time monitoring and identification of security incidents. He/She will help identify suspicious activity, open incident investigation tickets, and escalate any key concerns to Level 2/3 for additional analysis and communication. Additionally, he/she will take up tasks in threat research, threat simulation, content engineering and infrastructure management.
Responsibilities
Work in 24/7 shifts performing real-time monitoring of security alerts generated by the various security tools deployed by Safaricom
Serve as a primary point of contact for reporting potential security incidents
Validate, classify and open tickets for security incidents
Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigation and communication
Document security incidents as defined by the case management process
Provide feedback on enhancing the operations of the Cyber Security Operations Centre
Respond to generated security alerts within the time window defined in procedural SLAs
Pick out potential intrusions from seemingly benign sets of audit logs or security alerts
Triage (primary investigation) detected security alerts and make the necessary escalation decisions
Escalate to the appropriate teams, follow up and assist during remediation
Take part in purple team activities
Review threat intelligence and take part in threat intel activities
Carry out assigned content engineering tasks
Take up threat hunting tasks
Qualifications
Bachelor’s degree in Electrical Engineering, Computer Science, IT Security or Information Technology
Knowledge of common SIEM solutions, their purpose and an understanding of how they work
Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
Experience with Microsoft Windows and *NIX operating systems is required
Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and firewalls is an added advantage
Knowledge and/or experience with Relational Database Management Systems (RDBMS) such as Oracle, MS SQL, MySQL and Pervasive SQL is an added advantage
Good communication and presentation skills are required
Enthusiasm, curiosity, thirst for knowledge and passion for the job are required
Analytical thinking
Customer focus and team spirit
Learning agility
How To Apply