Security Incident Response Analyst

Complement Recruitment are recruiting for a Security Incident Response Analystbased in Sandton, Johannesburg Gauteng. The is a permanent position, remote, but will require on-site meetings at the office. The company offers a competitive salary as well as Medical aid, Retirement Annuity and Death & Disability benefits. Salary: Market Related, PermanentMinimum Requirements:7+ years of professional IT experience in either, but not limited to systems administration, systems engineering, and/or TCP/IP network administration3+ years of professional IT experience including experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling and platform managementA sound knowledge of IT security best practices, common attack types and detection/prevention methods including malware, emerging threats, attacks, and vulnerability managementTCP/IP knowledge, networking, and security product experienceDemonstrable experience of analysing and interpreting system, security, and application logsKnowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produceExperience with various security technology platforms such as, but not limited to: SIEM, AV, ETDR, DLP, Email SecurityStrong deductive reasoning, critical thinking, problem solving, and prioritization skillsExperience assisting the development and maintenance of tools, procedures, and documentationCustomer service including the resolution of customer escalations, incident handling, and responseHighly proficient in spoken and written EnglishDuties:Handling of Incidents through ticketing systems and follow through completion and/or escalation in accordance with established procedures.Work in correlation with SLAs as applicable for day-to-day OperationsTroubleshooting security incidents, reported by end-users, or discovered by proactive health checksMonitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sourcesRespond to inbound requests via email and other electronic means for technical assistance with security managed servicesCase escalation and managementResolve problems independently and understand escalation procedureGeneral administration (user accounts, settings, policies, groups, etc.)Miscellaneous security platform specific outputsAssist in the recommendation for improvements and the development of technical standardsCreate, follow, and present detailed operational process and procedures to appropriately analyse, escalate, and assist in remediation of critical information security incidentsCreate, follow, and present customer reports to ensure quality, accuracy, and value to the Client