Detailed Description

Reporting to the Team Leader – Cyber Security Operations Centre (CSOC), the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service at the Safaricom CSOC, performing real-time monitoring and identification of security incidents. He/She will help identify suspicious activity, open incident investigation tickets and escalate any key concerns to Level 2/3 for additional analysis & communication.

Key Responsibilities

• Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by Safaricom.
• Serves as a primary point of contact for reporting potential security incidents.
• Validate, classify and open tickets for security incidents.
• Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication.
• Document security incidents as identified by the case management process.
• Provide feedback on enhancing the operations of the cyber security operations Centre.
• Respond to generated security alerts within the time window as defined in procedural SLAs.
• Pick out potential intrusions from seemingly benign sets of audit logs or security alerts.
• Triage (primary investigation) of detected security alerts and make necessary escalation decisions.
• Escalation to appropriate teams, follow ups and provide assistance during remediation.

QUALIFICATIONS

• Bachelor's Degree in Electrical Engineering/Computer Science/IT Security/Information Technology.
• Knowledge of common SIEM solutions, the purpose of them and an understanding of how they work.
• Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
• Experience with Microsoft Windows and *NIX operating systems is required.
• Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and Firewalls is an added advantage.
• Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL is an added advantage.
• Good communication and presentations skills are required.
• Enthusiasm, curiosity, thirst for knowledge and passion for the job is required.
• Analytical thinking.
• Customer focused, Team spirit.