Job Description

Why choose Logicalis?Itxe2x80x99s not just IT solutions, Itxe2x80x99s IT global know-how! Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.Our customers span industries and geographical regions; and our focus is to engage in the dynamics of our customersxe2x80x99 vertical markets; including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and apply the skills of our 4,500 employees in modernising key digital pillars; data centre and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernisation. We are the advocates for our customers for some of the worldxe2x80x99s leading technology companies including Cisco, HPE, IBM, CA Technologies, NetApp, Microsoft, Oracle, VMware and ServiceNowLogicalis employees are innovative, smart, entrepreneurial and customer centric, with a shared ambition of making Logicalis the worlds leading IT Solutions provider!We offer speedy decision-making, opportunities for personal development, and a supportive, inclusive environment that celebrates our diversity.Join us and become a part of something epic!ROLE PURPOSEThe Security Operations Centre will provide defence against security breaches and actively isolate and mitigate security risks. The Tier 2 SOC Analyst forms part of the security operations centre SOC team. The SOC Team will identify, analyse, and react to cyber security threats using a reliable set of processes and security technologies. The SOC Team includes the SOC Manager, SIEM Platform Manager, Case Manager, Tier 2 SOC Analysts, Tier 3 SOC Analyst, and Security Engineers. They work with IT operational teams to address security incidents and events quickly. The SOC Team will provide a critical layer of analysis needed to seek out any irregular activity that couldsuggest a security incident.ROLE AND DELIVERY RESPONSIBILITIES:The job role includes actively participating in the incident detection process as follows:

• Provide technical escalation point for Tier 1 Analysts on security incidents, security alerts and response to general inquiries that require security risk, privacy, or threat input.
• Be available to assist Tier 1 Analysts with critical incidents and a refence for Tier 1 Analysts on security alerts and general inquiries.
• Performs analysis of log files
• Perform log analysis for suspicious events.
• Feed data back to threat feed sources where appropriate of new threats found during internal investigations.
• Takes an active part in the containment of incidents, even after they are escalated.
• Help Tier 3 Analyst with the investigation of system breaches.
• Help Tier 3 Analyst with Higher Tier incidents.
• Takes information from the vulnerability management team about vulnerabilities found and opens incident tickets against the appropriate assets.
• Proactively update the systems and make sure the latest patches are deployed.
• Documents remediation required based on input during incident handling or vulnerability identification.
• Record new Incidents and resolution procedures and documentation.
• Track tickets for remediation of issues found during an incident or vulnerability that is required to facilitate a closed loop process.
• Be responsible for Client Request and track them to fulfilment.
• Manage whitelist and blacklist in SIEM and disseminates to appropriate operators for tool policy updates or setting updates in security tools.
• Manage and block suspicious IPs on Azure Sentinel.
• Update work procedures and documents
• Issue documentation and proactively contacts system asset owners when an incident is resolved to ensure that remediation steps are understood, and remediation timeline is committed in ticket.
• Understanding and exceeding all SLA commitments.Make sure all incident doesnxe2x80x99t breach SLA and are compete within the allocated time.
• Review daily and weekly metrics for security and vulnerability incidents.
• Escalating issues to Tier 3 or Manager when necessary.
• Knowledge base article submissions and hare daily updates on security news with the team hare daily updates on security news with the team

KEY PERFORMANCE INDICATORS:KPIxe2x80x99s

• Provide analysis and trending of security event data from a large number of heterogeneous security devices using the SOC SIEM.
• Provide Incident Response (IR) support when analysis confirms actionable incident.
• Provide threat and vulnerability analysis as well as security advisory services to customers.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities
• Investigate, document, and report on information security issues and emerging trends to customers.
• Coordinate with customer and helpdesk resources to resolve security events and incidents within the required Service Level Agreement (SLA) response times.
• Integrate and share information with other analysts and other teams.
• Other duties as assigned.xe2x80x8b

PERSON REQUIREMENTS:EXPERIENCE:

• Strong knowledge and experience working with SIEM Solutions, QRadar, McAfee ESM, Azure Sentinel
• 3 to 5 yearsxe2x80x99 experience in IT Infrastructure Support, and a further 2 to 3 yearsxe2x80x99 track record as a Tier 2 SOC
• Analyst or Threat Hunter (Red Teaming) in an established SOC
• Advanced knowledge of networks technologies (protocols, design concepts, access control)
• Advanced knowledge of various security technologies (firewalls, web gateway, endpoint protection, vulnerability management, network infrastructure, etc.)
• Advanced IT infrastructure technical and problem-solving skills
• Good experience working with email security solutions
• Good experience working with vulnerability management.
• Good understanding of the MITRE ATT&CK framework
• Good understanding of the ITIL Framework.
• Brilliant with a support ticketing system and experience in meeting SLA targets.
• Familiarity with risk management and quality assurance control.
• Excellent interpersonal skills and professional demeanor
• Excellent verbal and written communication skills

• Proficient in Microsoft Office Applications
• Excellent verbal and written communication skills
• Candidate must be eligible to obtain National Security Clearance
• Excellent customer service skills
• Excellent interpersonal skills and professional demeanor

QUALIFICATIONS:

• Grade 12
• ITIL Foundation qualification
• CEH
• Azure Sentinel SC-200
• Azure Sentinel AZ- 500
• Degree or Diploma in Computer Technology
• CompTIA A+, N+ S+
• CompTIA CySa and CASP+ advantageous

ADDITIONAL SKILLS/ATTRIBUTES:

• Advanced Microsoft Excel experience, specifically data interpretation
• Good understanding of IT infrastructure
• A high command of the English language both written and verbal is essential.
• Self-motivated with the ability to work unsupervised.
• Attention to detail
• Punctuality
• Excellent verbal and written communication skills
• Ability to remain flexible and adapt to changing priorities with promptness, efficiency, and ease
• Possess proficient analytical and decision-making skills
• Demonstrated capacity for gathering and scrutinizing data to identify issues, opportunities, and patterns
• Proficient relationship building skills xe2x80x93 predict customer behavior and respond accordingly
• A strong service-oriented (xe2x80x98can-doxe2x80x99) culture, with a strong focus on the xe2x80x98internal customerxe2x80x99 approach, committed to exceeding customer expectations
• Good communicator with the customer environment
• Dynamic but aware of the views and feelings of others
• Able to operate as a good team player
• Drive and Energy
• Demonstrate clear purpose, enthusiasm, and commitment.

Logicalis