CDC Engineer

To analyse security events and alerts and to gather and carry out remediation tasks on console for Gijima clients through its toolsets, operational monitoring, preventative actions and crisis management

• Grade 12 (essential)
• IT Certificate / Diploma / Degree

• IBM Qradar Certification
• CISSP, CEH, GPEN, OSCP or similar security certifications
• CCNA advantageous
• Security +
• to information security an advantage

• Experience analysing phishing attacks
• Experience producing reports and briefs on the current threat landscape and associated risks
• Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
• Experience conducting malware analysis – usage of VirusTotal etc
• Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and / or exploit tools
• Working Knowledge with the following technologies: Windows and Active Directory, Unix and Linux, Routers & Switches, Anti-Malware Systems, Relational Databases, Open-Source Intelligence, Firewall, IDS / IPS, Vulnerability Management & Proxy management or solid understanding of these technologies.
• 5 – 8 years' work-related experience as a Level 1 / 2 Analyst
• Formal training in Networking and networking protocols
• Experience in malware investigation advantageous
• Experience in server / network / firewall / ips administration
• Experience in a Security Operations Centre environment & a Network Monitoring environment
• Understanding of the different types of Cyber Security Attacks & how to prevent them

• Conduct cyber intelligence operations including intelligence collection, tracking threat actors, identifying malicious behaviours and operations.
• Works with customers, vendors and internal resources for problem resolution and security advisories
• Standardizes process and procedures and provides continual improvement
• Develops and maintain comprehensive documentation on incidents and analysis for clients and internal
• Compile security advisories for internal and external in document format with technical recommendations
• Use case writing, development and refinement for detection of threats
• Proactively search for rogue behaviour, malicious attacks & suspicious activity
• Training of junior analysts
• Analyse threat feeds to produce daily / weekly / monthly Threat Intelligence brief and regular threat trend reporting
• Analyse security events / alerts and recommend remedial actions
• Analyse vulnerability scan data and recommend remedial actions
• Analyse trends across time and clients for remedial actions
• Provide analysis in contracted reports
• Health checks on monitored devices
• Analyse Network flow data & investigate deviations from baseline
• Pro-actively hunt for threats, vulnerabilities & suspicious activity.
• Investigate suspicious emails for phishing attacks

• How to analyse data
• IBM – QRadar experience
• Must have an understanding of use cases
• Must have excellent problem solving skills.
• Detailed technical knowledge of technology protocols (TCP / IP, SMB, SSH etc)
• Good knowledge of scripting languages

• Communication skills (verbal and written - report writing, email and presentation)
• Problem solving skills
• Customer orientation
• Planning and organising skills
• Analysing skills
• Writing and Reporting
• Learning and Researching
• Creating & Innovating
• Delivering Results & Meeting Customer Expectations

• Presenting and Communicating Information
• Deciding and Initiating Action
• Coping with Pressures and SetbacksApplying Expertise and Technology
• Following Instructions and Procedures
• Ability to work well independently & productively with minimal supervision.