Closing Date: 2025/07/25
Reference Number: 6 AEC250710
Pillar: Head Office
Position: Chief of Security Defense and Operations
Job Type: Permanent
Job Grade: DU
Number of Positions: 1
Town/Site: Woodmead
Province: Gauteng
Country: South Africa
Job Description
Job Purpose
To oversee the operational defense of AECI's digital infrastructure by coordinating incident response, managing vulnerability remediation, and maintaining core security controls.
The primary responsibility of this position is to ensure that threats identified by the virtual Security Operations Center (vSOC) are addressed promptly, that security incidents are contained and resolved, and that network and endpoint protections are continuously improved.
The role is also central to reducing cyber risk exposure and protecting business continuity, while supporting compliance with internal and external security standards.
Key Internal Stakeholders
• IT Infrastructure and Operations Teams – for coordinating patching, vulnerability remediation, and endpoint protection.
• Service Desk – for reporting security alerts and carrying out incident response procedures.
• Vulnerability Management and SOC Providers – for threat detection, alert triage, and vulnerability scanning.
• DevSecOps and Application Security Teams – for integrating response playbooks and promoting secure development practices.
• Risk & Compliance Team – for ensuring that incident response meets audit and compliance requirements.
Key External Stakeholders
• Third-party security providers, such as those delivering vulnerability scanning, SOC, and EDR services.
• Managed Security Service Providers (MSSPs) for outsourced monitoring or incident assistance, where applicable.
• Regulatory agencies and auditors during incident response reviews or security audits.
Key Performance Areas (with their inputs)
• Incident remediation (inputs: threat intelligence and SOC alerts) – lead remediation of threats identified by the virtual Security Operations Center (vSOC), ensuring timely and effective containment and recovery.
• Vulnerability remediation (inputs: internal IT coordination and external vulnerability scans) – coordinate remediation so that vulnerabilities are tracked, prioritized, and closed together with IT teams; verify the resolution of security incidents and the completion and effectiveness of patching by reviewing patch reports and security incident logs.
• Alert handling (inputs: vulnerability management processes) – improve response efficiency and reduce false positives by optimizing alert handoffs and reporting procedures.
• Security controls (inputs: network segmentation tools and endpoint detection and response (EDR) systems) – maintain and monitor key security controls, ensuring ongoing protection and adherence to security standards.
• Third-party performance – monitor service providers and ensure they meet their contractual obligations and service levels for vulnerability management and the vSOC.
• Response playbooks (inputs: threat scenarios and operational procedures) – create and maintain unified response playbooks for technical teams, enabling a consistent and rapid reaction to incidents.
Qualifications and Experience
• A bachelor's degree in computer science, information technology, information security, or a related field.
• Recognized industry cybersecurity certifications, such as:
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Incident Handler (GCIH)
• Certified Ethical Hacker (CEH)
• CompTIA Security+ or CySA+
• Microsoft certifications aligned with security operations and threat response:
• SC-200: Microsoft Security Operations Analyst – focused on using Microsoft Defender and Microsoft Sentinel to detect, investigate, and respond to threats
• SC-300: Microsoft Identity and Access Administrator – relevant for IAM and access control integration
• SC-900: Microsoft Security, Compliance, and Identity Fundamentals – foundational understanding of Microsoft security and compliance technologies
• Hands-on experience with Microsoft Defender for Endpoint, Microsoft Sentinel, and other Microsoft 365 security solutions is highly advantageous.
• Additional training in incident response, vulnerability management, and EDR platforms is recommended.
• 6–10 years of progressive experience in cybersecurity operations, including hands-on incident response and threat mitigation.
• Proven experience managing, or working closely with, a virtual Security Operations Center (vSOC) and vulnerability management programs.
• A solid track record in vulnerability remediation and patch management coordination across infrastructure and IT teams.
• Experience managing and improving network segmentation controls and endpoint detection and response (EDR) solutions.
• Demonstrated ability to develop and implement incident response playbooks and operational procedures.
• Experience managing and evaluating the performance of external security service providers.
• Prior exposure to enterprise IT environments, ideally including hybrid cloud infrastructure, Active Directory, and SAP.
Competencies and Attributes
• Leading incident response and remediation efforts
• Vulnerability management and patch lifecycle coordination
• Implementation and improvement of security controls (such as network segmentation and EDR)
• Designing and automating the workflow for handling and reporting SOC alerts
• Technical writing of response strategies and playbooks
• Knowledge of vulnerability scanning tools and remediation methods
• Understanding of network security architecture and endpoint protection systems
• Understanding of cybersecurity frameworks such as NIST and MITRE ATT&CK
• Knowledge of how the service desk interacts with IT infrastructure
• Effective communication and collaboration between technical and non-technical groups
• An analytical, detail-oriented approach to threat assessment and mitigation
• Accountability and ownership of operational security outcomes
• Ongoing commitment to improvement, particularly in streamlining procedures and controls