Jobs at Nexio

ROLE REQUIREMENT

• Adheres to the standard operating procedure and playbooks in the SOC.
• Impacts on Customer satisfaction and confidence in the SOC Service and service level performance.
• Validate and declare security incidents based on incident handling methodologies.
• Confirm severity levels (S0 to S4) using SLA severity classification.
• Provide guidance and support to SOC Analysts during incident response.
• Utilize threat intelligence, updated rules, and IOCs to identify affected systems and the extent of attacks.
• Conduct in-depth threat intelligence analysis to uncover attack types, data/systems impacted, and potential perpetrators.
• Make recommendations to incident managers regarding additional analysis and required remediation.
• Determine the impact on critical systems or data sets and advise on remediation steps.
• Validate false positives, policy violations, intrusion attempts, security threats, and potential compromises.
• Suggest containment and recovery steps based on analysis findings.
• Formally document learnings and update relevant documentation such as tickets and run books.
• Provide support for analytic methods to detect threats and conduct further triage based on defined run books.
• Consolidate data through alert triage, providing necessary context before escalating to Operations and Security Engineering Teams for deeper analysis.
• Manage security events, incidents, and service requests via the ticketing systems.

Identify alarms by intent and method, including reconnaissance, system compromises, and ingested log sources:

• Firewalls and network devices
• Infrastructure server and end-user systems
• Threat intelligence platforms
• Web proxies
• Cloud and hybrid-IT provisioning, access, and infrastructure systems (Amazon Web Services)
• Antivirus systems
• Intrusion detection and prevention systems
• Similar in Scope source systems
• Apply the MITRE ATT&CK framework for anomaly analysis and conduct additional analysis using correlation rules and SIEM alerts.
• Validate and update initial tickets in the SIEM platform and Service Desk.
• Monitor event queues, investigate potential incidents, and escalate or close events as necessary.
• Validate investigation results and pass relevant details to the SOC Team Lead.
• Assess security controls based on cybersecurity principles and frameworks (e.g., CIS CSC, NIST SP 800-53).
• Analyze network traffic, characterize threats, and coordinate with cyber defense staff for validation.
• Document and escalate incidents, perform trend analysis, and report findings.
• Review security architecture, identify gaps, and recommend risk mitigation strategies.
• Provide timely detection, identification, and alerting of possible attacks, intrusions, and anomalous activities.
• Utilize cyber defense tools for monitoring and analyzing system activity, identifying and analyzing malicious behavior.
• Conduct analysis of network traffic, including network mapping, OS fingerprinting, and identification of compromised credentials.
• Assist in the development of signatures for cyber defense tools.
• Notify stakeholders of suspected cyber incidents, articulate event details, and follow the organization's incident response plan.
• Analyze and report on organizational and system security posture trends.
• Assess access controls and monitor external data sources for emerging threats.

Additional Information:

• Individuals at this level are competent in best practices in security incident handling in an established SOC.
• Able to build strong interpersonal relationships with the SOC team and customer stakeholders.
• Competent communication skills and communication of complex information to non-technical stakeholders.
• Competent in producing and presenting work.
• Good understanding of security incident analysis and incident handling practices, proficient knowledge of networking protocols, operating systems, and security architecture in an established SOC.
• Proficiency in security tools such as SIEM, IDS/IPS, EDR, and network analyzers.

JOB SPECIFIC REQUIREMENT

• Adhere to operational processes in the NIST CSF, CIS CSC, NIST SP 800-53, and MITRE ATT&CK framework.
• Proficient in incident triage methodologies and techniques to identify and investigate potential security threats and apply playbooks.
• Prior experience to advise, plan, deploy, configure, manage, and monitoring large-scale and complex cyber defence and IT risk management and information or cybersecurity solutions.

QUALIFICATIONS & EXPERIENCE

• Grade 12
• One or more of these industry Cybersecurity Certifications: such as CISSP, GCIH, GCIA, or relevant vendor-specific certifications
• Minimum of four (4) years of work experience, and three (3) years of relevant experience in an established SOC and information security/cybersecurity
• Ability to partake in exercises, assist in developing playbooks, and automate processes.
• Experience with a ticketing system such as BMC Remedy.
• Proficient understanding of cybersecurity principles, technologies, and best practices.
• Experience working with cloud environments (Amazon Web Services Security) is desirable.
• Analytical, problem-solving, and critical-thinking skills.
• Proficient communication and collaboration abilities with various stakeholders.
• Proficient in security event analysis, and incident response.
• Experience in working across security frameworks and technologies.
• Familiarity with security tools and technologies, such as SIEM, IDS/IPS, EDR, and vulnerability scanners
• Proficient analytical and problem-solving skills with attention to detail

LEADERSHIP COMPETENCY REQUIREMENTS

• Ethics: Maintain integrity, professionalism, and promote ethical behavior.
• Crisis Management: Effectively respond to and manage cybersecurity incidents.
• Responsive to Requests: Responsiveness to reasonable customer, supplier, and management requests.
• Attention to Detail: Pay attention to detail and ensure deliverables undergo quality reviews.
• Proactive and Reliable: Be proactive, innovative, and demonstrate reliability.
• Customer-Centric Approach: Put the customer first and go the extra mile in the company's best interest.
• High-Performance Team Player: Positively contribute to the high-performance team.
• Emotional Intelligence and Integrity: Demonstrate emotional intelligence and act with integrity.
• Teamwork and Collaboration: Work well with others and maintain a high-performance team ethic.
• Willingness to Learn: Be open to learning a range of security technologies and platforms.
• Positive Attitude: Maintain a positive attitude in the face of challenges.
• Leadership Potential: Exhibit the potential for leadership by taking ownership of assigned tasks, demonstrating a sense of responsibility, and displaying a strong work ethic. Show willingness to share knowledge and contribute to the development of the team and its capabilities.

go to method of application »

ROLE REQUIREMENT

• Pro-actively managing VIP’s on the Vodacom campus regarding hardware, software and connectivity.
• Availability at all hours, when if and when required.
• The logging of all requests via telephone and email accurately into the Remedy System
• Manage end to end all calls logged and providing updates to keep customers informed. 
• Include all troubleshooting notes in logged request or incident.
• Provide first line support for VIP’s facing challenges and try and resolve on first call.
• Gathering information through analytical trouble shooting or problem research to route the customers query to the correct resolver team or apply an appropriate resolution.
• Identify trends by monitoring and analysing incoming calls, problems and support requests. 
• Use the required dashboards or views to track and escalate issues seamlessly.
• Compile daily health checks within the environment to highlight any challenges or forthcoming attractions.
• Escalation and management of calls to agreed SLA’s
• Avoid requests from breaching target to meet client’s satisfaction.
• Manage all Pending UNA requests.
• Ensure the device is correctly prepared before deployment.
• Set up user profiles.
• Connecting devices to the network
• Troubleshoot and repair technical desktop issues On-site or remote connection.
• Support for mobile devices (Ipads, Tablets, android devices etc…)
• Security Compliance for assets
• Executive support ((Dealing with executive requests)
• Asset Management/ reverse logistics (Asset transfers)

Additional Information:

• Have a detailed track record of supporting VIP’s
• Must be available on call at all hours, if and when required
• Must be a peoples person – Excellent interpersonal skills
• Must have own transport
• The ability to work in a team and to be proactive around self-learning
• The ability to work under pressure and to tight deadlines
• Willingness to assist with additional tasks given to the team
• Good judgment skills
• Good communication skills
• Behavioral traits such as attitude, motivation and time management
• Be prepared to perform standby duties and work irregular hours if required.

JOB SPECIFIC REQUIREMENTS

• Resolve as much calls on first call resolution
• Perform daily health checks in the environment to assure all systems are fully functional. 
• Identify and learn appropriate software used and supported by the organisation.
• Escalate queries beyond the scope to L3 support.
• Regularly update and attend to all customer UNA queries and follow UNA process.

QUALIFICATIONS & EXPERIENCE

• Matric/Grade12
• Excellent language command: English/Afrikaans
• 3 Years VIP Support Engineer Experience
• Excellent understanding of IT operations (essential)
• Experience in Remedy Service Desk (advantageous)
• Detailed track record of VIP support
• A+ and N+ certified
• Excellent attendance and punctuality are required
• Own vehicle (essential)