Requirements
- Degree in Information Systems, Computer Science, Cybersecurity, or a related field.
- Professional Certification(s) in incident handling and security analysis preferred.
- GCIH or its equivalent is preferred
- Minimum of 8 years of progressive experience in IT security, with a focus on Incident response
- Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.
- Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration
- Proven experience in managing incident response and performing threat hunting
- Proven experience in integrating AI and automation in IT Security using Security Orchestration Automated Response (SOAR) technologies.
- Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, digital forensics, and cloud security.
- Experience in Blue/Purple teaming, firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.
- Experience in monitoring and administering host-based intrusion detection systems.
- Knowledge and experience in Linux/Windows/Database technologies preferred.
- Strong knowledge of industry standards and information security policy frameworks.
- Hands-on experience with scripting and automation tools to enhance security operations.
- Ability to conduct gap analysis of current processes and identify opportunities for improvement.
- Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.
- Continuously improve event correlation and alerting processes and use cases to detect potential incidents.
- Automate manual processes to enhance security incident response.
- Experience with network security assessment tools.
- Excellent leadership and team management skills, with the ability to inspire and motivate a team.
- Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.
- Demonstrated ability to drive strategic initiatives and lead a team through change.
- Exceptional problem-solving skills and the ability to think critically under pressure.
- Ability to interview stakeholders to define and document business requirements.
- Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.
Shortlisted candidates will be offered a 3 Years direct contract employment.