Moyosola Olalekan Outsourcing Services - Our client is a cybersecurity company located in Lagos, Nigeria, and provides solutions to cyber threats and risks for enterprises across Nigeria and Africa. In view of expansion, they require qualified professionals to join their outstanding team to achieve bigger organizational goals in the capacity below:
Job Title: Junior Emergency Incident Responder
Location: Lagos
Employment Type: Full-time
Job Summary
An emergency incident responder averts, prevents and mitigates cybersecurity threats.
Key Duties / Responsibilities
Avert, prevent and mitigate cybersecurity threats
Ensure the best technical skill is applied to high-priority, critical and escalated cybersecurity incidents
Support cyber incident response actions to ensure proper assessment, containment, mitigation, recovery and documentation.
Interact with and assist other investigative teams on time-sensitive, critical investigations
Prepare after-action reports based on lessons learned from critical cybersecurity incidents
Advise on the development and tuning of SIEM rules and content management for continuous improvement of the SOC's threat detection capabilities
Handle incident response preparation activities (including tabletop exercises, simulations and drills) to create and verify IR plans, playbooks and procedures while identifying opportunities for improvement
Perform threat hunting activities; investigate/analyze large and unstructured data sets and malicious artifacts using EDRs and other cybersecurity solutions to identify trends and anomalies indicative of potential threats
Maintain 24/7 readiness and availability for emergency incident response action in collaboration with the SOC.
Serve as a backup for potential staff coverage gaps to ensure business continuity.
Skills and Requirements
Qualifications: Degree in Cybersecurity, Computer Science, Engineering, or a related discipline
Experience: Minimum of 1 year relevant experience in IT security including working in a SOC
Security Certifications: Cybersecurity certifications are a plus. Examples include eCIR, ECIH, CEH, Security+, CySA+, eJPT, CISSP, CISM, GCFE, GCFA, etc.
Understanding of multiple security domains such as risk management, security operations analysis and triage, intrusion detection, incident response, threat hunting, malware analysis, application security, and computer and mobile digital forensics
Knowledge of various security tools, such as SIEM, EDR/XDR, digital forensics and malware analysis tools, AV, vulnerability and network scanners, IDS/IPS, network firewalls, NAC, DAM, etc.
Knowledge of malware families and network attack vectors
Knowledge of Linux and Windows system internals
Knowledge of Microsoft Active Directory Domain Services
Strong understanding of networking concepts, architectures and security mechanisms
Knowledge of database functionality for various databases, e.g. SQL, Oracle, etc.
Knowledge of cloud computing with AWS, Azure and GCP
Understanding of attackers’ tactics, techniques and procedures (TTPs)
Demonstrated experience in an enterprise level incident response team or security operation center
Understanding of logging components and capabilities across various systems
Solid experience and the ability to analyze network traffic, endpoint indicators, IOCs/IOAs
Ability to combine/search/correlate various log sources to identify potential threats, assess the potential damage, and recommend countermeasures
Sound analytical and problem-solving skills with excellent attention to detail
Continuous learner with the ability to quickly understand and adapt to new or previously unknown security concepts and tools
Self-driven, highly motivated and determined to provide value on assignments
Ability to work independently and in a team environment
Ability to work with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle.