Date:  13 Jun 2025
Job Req. ID:  1756

Job Title:  Cyber Security Incident Engineer

Location: Bandar Seri Begawan, Brunei-M, Brunei Darussalam

Notice

  • Closing Date: Monday, 30 June 2025
  • Please submit a PDF copy of your CV, IC, Academic and Professional Certificate(s)
  • Only shortlisted candidates will be notified

Job Description

The purpose of the Cyber Security Incident Engineer function is to provide initial detection, analysis and response to security incidents within an organization. The role serves several key purposes, such as early incident detection, incident triage and analysis, timely incident detection, timely incident response, and documenting incident details for next action.

Responsibilities and Tasks

  • Monitor security alerts and events from various sources, such as SIEM, NDR, and other security tools
  • Analyze incoming alerts and triage them based on predefined criteria to determine their priority and escalate as necessary
  • Perform initial investigations to gather additional information and context about the alerts
  • Detect and identify potential security incidents based on analysis of security events, logs, and alerts
  • Conduct preliminary analysis of incidents to determine their nature, severity, and potential impact on the organization's systems and data
  • Use incident response playbooks and standard operating procedures to guide the initial response activities
  • Provide support to the L2 incident analyst in the execution of incident response activities
  • Assist in coordinating and executing incident containment measures, such as isolating affected systems or blocking malicious activities
  • Collaborate with other teams, such as system administrators and network engineers, to implement response actions
  • Document all aspects of security incidents, including initial findings, actions taken, and relevant details, in the incident ticketing system
  • Conduct security control assessments, including firewall rules, access control audits, and configuration reviews
  • Prepare incident reports and updates for the Senior Cyber Security Manager, providing clear and concise summaries of incident details, actions, and recommendations
  • Ensure accurate and timely documentation to support post-incident analysis and reporting requirements

Competencies

  • Knowledge of Cybersecurity Fundamentals    
  • Security Tools and Technologies    
  • Incident Response and Analysis    
  • Log Analysis and Threat Detection    
  • Cyber Threat Intelligence (CTI)    
  • Analytical Skills    
  • Written and spoken English    

Area and Years of Experience

  • Incident response, including incident identification, investigation, containment, eradication, and recovery processes with 5 years of experience
  • Coordinating and leading incident response efforts is beneficial with 5 years of experience
  • Exposure to threat intelligence analysis, including monitoring and analyzing threat feeds, identifying emerging threats, and understanding their potential impact on the organization's security posture with 5 years of experience
  • Preparing incident reports, documenting incident details, actions taken, and lessons learned with 5 years of experience

Education

Higher National Diploma in Information Technology, Computer Science or relevant areas and equivalent working experience.