SIEM Information Security Analyst / Senior Information Security Administrator
Pretoria
R Negotiable
Analyze data and generate reports out of the FortiSIEM tool;
Perform first-level incident response, including the triage of incoming issues (assess the priority of the event, determine risk and damage, and route appropriately to the relevant resources to remediate);
Ensure compliance with security policies and standards;
Provide fine-tuning of the FortiSIEM tool, including configuration and generation of reports
Provide ad hoc support, including network and information security monitoring and security risk mitigation, as and when requested
Perform first-level incident response
Monitor client networks and endpoints for security events/alerts on threats, intrusions and/or compromises.
Analyse security events from multiple sources, including but not limited to events from the SIEM tool, Firewall, IPS, EDR, Anti-Virus.
Monitor and assess emerging threats and vulnerabilities to the environment and ensure those requiring action are addressed
Identify and resolve false positive findings reported by information security tools
Security Incident Management, advice and education and maintaining the health of the deployed security tools
Operational support for information security tool alerts, triaging, and maintenance
Serve as Subject Matter Expert (SME) on assigned information security related projects and initiatives
Maintain confidentiality on all sensitive security matters
Stay up-to-date with adversary tactics, techniques and procedures (TTPs) and IT news
Technical Skills requirements
In addition to the above skills and experience, it will be advantageous for candidates to also have the following technical skills:
Minimum two years working experience as a SIEM Analyst,
1 year with FortiSIEM;
In-depth knowledge and proven expert proficiency in designing, engineering, configuring, maintaining, analyzing and reporting on the FortiSIEM product;
Must have strong analytical and problem-solving skills and a solid understanding of how to troubleshoot connectivity and performance issues that involve firewalls, web application firewalls, load balancers, network, and applications
In addition to the technical skills outlined above, the following attributes or skills are also required:
Ability to communicate clearly verbally and in written form;
Ability and willingness to engage in formal and informal knowledge transfer; and
Ability to work effectively as part of a team in support of the team's goals
Technical Skills Qualifications
Matric, with tertiary education, preferably an IT diploma or bachelor's degree
Minimum two years working experience as a SIEM Analyst, 1 year with FortiSIEM
Must have industry related and recognized qualifications and/or certifications
Very good knowledge of Cyber security solutions
All relevant technical and industry certifications such as: a) Fortinet Network Security Professional Certification