Incident Management (75%)
Confirming whether reported incidents are actually security incidents
Classifying the incident according to incident classification categories
Managing security incidents to ensure they are confirmed, contained, and remediated in a timely manner
Escalating incidents within Information Security when required
Ensuring a root cause analysis is performed when appropriate
Ensuring all required documentation is recorded
Operationalize actionable intelligence reports from the Threat Intelligence team and external sources
Coordinate the initial workflow and response for varying incident types with internal and external teams
Collaborate with operational support staff to ensure they are actively engaged in potential security threats and concerns
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary
Communicates alerts regarding intrusions and compromises to network infrastructure, applications and operating systems along with Data Leakage incidents.
The candidate must have insight into industry trends, current attack techniques, and threat intelligence.
Constantly evaluate the ever-changing threat landscape and take feedback from stakeholders and clients to determine any gaps the organization may have with its existing policies and programs
Business As Usual (25%)
Supporting business and client requirements, including responding to client enquiries which come to the ad-hoc mailbox.
Forwarding enquiries to the appropriate teams
Undertaking such other tasks and responsibilities as assigned by the CISO / ISM