
Cyber Defense Center Engineer

Gijima Holdings HR

Midrand

On-site

ZAR 500 000 - 800 000

Full time

Yesterday


Job summary

A technology consulting firm in South Africa is seeking an experienced Cyber Security professional to analyze security events, gather alerts, and perform remediation tasks for clients. The ideal candidate boasts expert-level experience with IBM QRadar, Microsoft Sentinel, and Fortinet FortiSOAR, along with a strong understanding of SIEM and SOAR platforms. Responsibilities include maintaining detection use cases, performing platform health checks, and providing training for junior analysts. A degree in IT and relevant certifications are required for this role.

Qualifications

  • Expert-level experience with IBM QRadar, Microsoft Sentinel, and Fortinet FortiSOAR.
  • Strong Linux administration and troubleshooting skills.
  • Ability to present technical content confidently to clients.

Responsibilities

  • Design, maintain and optimise SIEM and SOAR platforms.
  • Develop, maintain and refine detection use cases and correlation rules.
  • Provide analysis in contracted reports.

Skills

Communication skills
Problem solving skills
Customer orientation
Planning and organising skills
Analysing skills
Writing and Reporting
Learning and Researching
Automation and workflow optimisation
Ability to translate technical findings into business impact

Education

Grade 12
IT Certificate/Diploma/Degree

Tools

IBM QRadar
Fortinet FortiSOAR
Microsoft Sentinel

Job description

Business Department: Cyber Security

To analyse security events and alerts, and to gather and carry out remediation tasks on console for Gijima clients through its toolsets, operational monitoring, preventative actions and crisis management.

Formal Education
  • Grade 12 (essential)
  • IT Certificate/Diploma/Degree

Technical Certification
  • IBM QRadar Certification
  • Fortinet FortiSOAR certification
  • Microsoft Sentinel (SC-200 or equivalent)
  • ITIL
  • CISSP, CEH, GPEN, OSCP or similar security certifications advantageous

Experience
  • Expert-level experience with IBM QRadar, Microsoft Sentinel, and Fortinet FortiSOAR
  • Strong rule tuning, AQL/KQL scripting, and log pipeline management
  • In-depth knowledge of playbook development, Python operations, and connector debugging
  • Strong Linux administration and troubleshooting skills
  • Python scripting for custom playbooks and API-based integrations
  • REST API, JSON, YAML, Jinja templates
  • Ability to present technical content confidently to clients
  • Familiarity with ITIL, incident lifecycle, and ticketing systems
  • Strong written skills for reports, playbooks, and technical documentation
  • Working knowledge of the following technologies: Windows and Active Directory, Unix and Linux, anti-malware systems, open source intelligence, firewalls, IDS/IPS, vulnerability management and proxy management
  • Experience in malware investigation advantageous
  • Experience in a Security Operations Centre environment
  • Understanding of the different types of Cyber Security Attacks & how to prevent them.

Responsibilities
  • Design, maintain and optimise SIEM and SOAR platforms
  • Develop, maintain and refine detection use cases and correlation rules
  • Build and maintain FortiSOAR playbooks and automation workflows
  • Perform SIEM and SOAR platform health checks
  • Analyse threat feeds and translate intelligence into actionable detections
  • Work with customers, vendors and internal resources on problem resolution and security advisories
  • Standardise processes and procedures and provide continual improvement
  • Use case writing, development and refinement for detection of threats
  • Training of junior analysts
  • Provide escalation support for complex incidents
  • Analyse security events/alerts and recommend remedial actions
  • Analyse trends across time and clients for remedial actions
  • Provide analysis in contracted reports
  • Health checks on monitored devices
  • Analyse Network flow data & investigate deviations from baseline
  • Investigate suspicious emails for phishing attacks.

Knowledge
  • IBM QRadar experience
  • Fortinet FortiSOAR experience
  • Microsoft Sentinel experience
  • Must have an understanding of use cases
  • Must have excellent problem solving skills.
  • Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH etc)
  • Good knowledge of scripting languages
  • Data Analysis
  • Understanding of SIEM use cases and detection logic

Skills
  • Communication skills (verbal and written - report writing, email and presentation)
  • Problem solving skills
  • Customer orientation
  • Planning and organising skills
  • Analysing skills
  • Writing and Reporting
  • Learning and Researching
  • Creating & Innovating
  • Delivering Results & Meeting Customer Expectations
  • Automation and workflow optimisation
  • Ability to translate technical findings into business impact

Personal Attributes
  • Presenting and Communicating Information
  • Deciding and Initiating Action
  • Coping with Pressures and Setbacks
  • Applying Expertise and Technology
  • Following Instructions and Procedures
  • Ability to work well independently & productively with minimal supervision
  • Continuous improvement mindset