Cyber Defense Center Engineer; Re-advertisement Job Midrand area,Gauteng South Africa,IT/Tech

Position: Cyber Defense Center Engineer (Re-advertisement)
Business Department:
Cyber Security

PURPOSE:

To analyse security events and alerts and to gather and carry out remediation tasks on console for Gijima clients through its toolsets, operational monitoring, preventative actions and crisis management

FORMAL EDUCATION:

Grade 12 (essential)
IT Certificate/Diploma/Degree

TECHNICAL CERTIFICATION:

IBM QRadar Certification
Fortinet Forti

SOAR certification
Microsoft Sentinel (SC-200 or equivalent)
ITIL
CISSP, CEH, GPEN, OSCP or similar security certifications advantageous

EXPERIENCE:

Expert-level experience with IBM QRadar, Microsoft Sentinel, and Fortinet FortiSOAR
Strong rule tuning, AQL/KQL scripting, and log pipeline management
In-depth knowledge playbook development, Python operations, and connector debugging
Strong Linux administration and troubleshooting skills
Python scripting for custom playbooks and API-based integrations
REST API, JSON, YAML, Jinja templates
Ability to present technical content confidently to clients
Familiarity with ITIL, incident lifecycle, and ticketing systems
Strong written skills for reports, playbooks, and technical documentation
Working Knowledge with the following technologies:
Windows and Active Directory, Unix and Linux, Anti-Malware Systems, Open Source Intelligence, Firewall, IDS/IPS, Vulnerability Management & Proxy management
Experience in malware investigation advantageous
Experience in a Security Operations Centre environment
Understanding of the different types of Cyber Security Attacks & how to prevent them.

RESPONSIBILITIES:

Design, maintain and optimise SIEM and SOAR platforms
Develop, maintain and refine detection use cases and correlation rules
Build and maintain Forti

SOAR playbooks and automation workflows
Perform SIEM and SOAR platform health checks
Analyse threat feeds and translate intelligence into actionable detections
Works with customers, vendors and internal resources for problem resolution and security advisories
Standardizes process and procedures and provides continual improvement
Use case writing, development and refinement for detection of threats
Training of junior analysts
Provide escalation support for complex incidents
Analyse security events/alerts and recommend remedial actions
Analyse trends across time and clients for remedial actions
Provide analysis in contracted reports
Health checks on monitored devices
Analyse Network flow data & investigate deviations from baseline
Investigate suspicious emails for phishing attacks.

Knowledge

IBM QRadar experience
Fortinet Forti

SOAR experience
Microsoft Sentinel experience
Must have an understanding of use cases
Must have excellent problem solving skills.
Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH etc)
Good knowledge of scripting languages
Data Analysis
Understanding of SIEM use cases and detection logic

Skills

Communication skills (verbal and written - report writing, email and presentation)
Problem solving skills
Customer orientation
Planning and organising skills
Analysing skills
Writing and Reporting
Learning and Researching
Creating & Innovating
Delivering Results & Meeting Customer Expectations
Automation and workflow optimisation
Ability to translate technical findings into business impact

Personal attributes

Presenting and Communicating Information
Deciding and Initiating Action
Coping with Pressures and Setbacks
Applying Expertise and Technology
Following Instructions and Procedures
Ability to work well independently & productively with minimal supervision
Continuous improvement mindset


Increase/decrease your Search Radius (miles)



Job Posting Language