Job Description

Company based in Bree Street, Cape Town

Industry - Telecommunications

Permanent

Please forward your updated CV to Michelle - kindo.m@abcworldwide.com

Cyber Security Regional Lead

The Cyber Security L3 Regional Lead (Africa) will lead all SecOps activities within the region. This will include acting as an escalation point for and co-ordinating the activity of, a newly established 24/7 L1 SecOps function. A key leadership and management role, the successful applicant will oversee the day-to-day activity of the L1 SOC analyst team based in our new Centre of Excellence (CoE) facility. This will include coaching and mentoring junior staff, maintaining Global 24/7 monitoring and investigation coverage and acting as a technical escalation point. Working with the SOC Lead, the successful applicant will be an experienced L3 SecOps SME with extensive monitoring and investigative experience, able to proactively provide insights into an attacker's network activity and continually drive improvements in our response times, while continually seeking to identify opportunities for automation within the SecOps function. The successful candidate will keep up to date with cyber trends and have a good level of knowledge in areas such as incident response, malware analysis and networking.

Key Responsibilities:

• Act as the main point-of-contact for all SecOps activities within the region,
• Lead and line manage the internal L1 SOC analyst team, which will include responsibility for: hiring training and ensuring that adequate coverage is provided 24/7,
• Develop and continually refine detection and response processes for the L1 SOC analyst team, forcing on a drive to automation,
• Ensure L1 Analyst action and response SLAs are met within the SecOps function,
• Review security events and potential threats, reporting to the SOC Lead when above the agreed SecOp risk threshold, and/or meet the incident criteria,
• Detect and address potential cyber-attacks and/or breaches through host, network, application, and security device monitoring,
• Follow standard processes outlined towards management of chain of custody post a cyber incident,
• Interface with the Incident Response Management function to report potential or actual incidents that have occurred and support the incident management process,
• Ensure accountability and full ownership of incidents escalated by the L1 SOC Analysts, and ensure mitigating actions performed adhere to internal policy,
• Provide L3 support and assistance to the wider SOC team,
• Establish a working environment within the CoE that promotes the importance of employees acting with integrity and in an ethical manner in line with the Group Code of Conduct,
• Demonstrate commitment to the Ardagh core values through upholding our standards of business conduct, complying with Group policies & procedures, and leading by example.

• Over 5 years of experience in Security operations,
• Team Leadership experience, preferably within a 24/7 environment,
• Bachelor's degree in Computer Science, or related field; or relevant work experience.
• Strong experience with network security monitoring technologies.
• Deep experience with a wide range of enterprise common security platforms, SIEMs, endpoint security, vulnerability management,
• Experience with network analysis tools,
• Capable of working under pressure in a continually changing fast paced environment. Including crisis management in the event of a large scale incident,
• Ability to effectively collaborate with stakeholders across a global environment,
• Strong written and verbal communication skills,
• Strong analytical and problem-solving skills,
• Strong leadership skills and initiative.

AKA Brip Careers Worldwide