Security Engineer
  • South Africa Cape Town
  • Centrax Cloud
1 year before
31.12.2023
Protect and Defend
Cyber Defense Infrastructure Support
Job Description

About the job
Identifying and resolving technical incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance, this role will maintain a high level of service to clients. Their primary objective is to ensure zero missed service level agreement (SLA) conditions. The Security Engineer is responsible for managing tickets of low to high complexity.

Requirements

Ensure that assigned infrastructure at the client site is configured, installed, tested, and operational
Perform necessary checks, apply monitoring tools and respond to alerts
Identify problems and errors prior to or when they occur and log all such incidents in a timely manner with the required level of detail
Assist in analysing, assigning, and escalating support calls
Investigate third line support calls assigned and identify the root cause of incidents and problems
Report and escalate issues to 3rd party vendors if necessary
Provide onsite technical support to clients and provide field engineering services to clients
Conduct a monthly random review of incidents and service requests, analyse and recommend improvement in quality
Provide continuous feedback to clients and affected parties and update all systems and/or portals as prescribed by NTT
Proactively identify opportunities for work optimization including opportunities for automation of work
Ability to communicate and work across different cultures and social groups
Ability to plan activities and projects well in advance, and take into account possible changing circumstances
Ability to maintain a positive outlook at work
Ability to work well in a pressurized environment
Ability to work hard and put in longer hours when it is necessary
Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting
Ability to adapt to changing circumstances
Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey

Advantageous Working Knowledge

Enterprise-scale LAN systems (STP, VTP, Port-channel, Trunking, VLANs, VACLs, Stacking)
Understanding of protocols such as HTTP/S, DHCP, DNS, SMTP, SNMP, NTP, SSH, FTP, and other web-based protocols
Networking technologies, principles, and protocols based on OSI model, TCP/IP, UDP, IP addressing and MAC addresses, etc.
Basic understanding of routing protocols such as EIGRP and OSPF
Knowledge of Enterprise Wi-Fi technologies
Knowledge of Cisco Identity Services Engine (ISE) & TACACS
Knowledge of Enterprise Monitoring (Spectrum, Cisco Prime)
Knowledge of incident management systems
Moderate years of relevant managed services experience
Moderate level knowledge of ticketing tools, preferably ServiceNow

Academic Qualifications

Advanced diploma, degree, or relevant qualification in IT/Computing (or demonstrated equivalent work experience)
CCNA and CCNP enterprise qualification required
Fortinet NSE4

Required Experience

Demonstrated work experience
Demonstrated experience required in Engineering function within a medium to large ICT organization
Demonstrated experience of Managed Services
Demonstrated working knowledge of ITIL processes
Demonstrated experience working with vendors and/or 3rd parties



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0205   Knowledge of basic system, network, and OS hardening techniques.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Required Skills
  • S0007   Skill in applying host/network access controls (e.g., access control list).
  • S0077   Skill in securing network communications.
  • S0079   Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • S0121   Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
  • S0124   Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).