For more info about the programmes and cluster, please visit https://www.sanren.ac.za; https://www.dirisa.ac.za and https://www.csir.co.za/nextgen-enterprises-and-institutions.
Key responsibilities:
- Design, develop, engineer, implement and/or manage cybersecurity tools and systems/infrastructure for Computer Security Incident Response Team (CSIRT) services;
- Direct the CSIRT knowledge base for maintaining a current knowledge of the ICT security technologies, threats, vulnerabilities concepts and controls, including appropriate countermeasures, and advising on ICT security best practices and recommendations;
- Produce design documentation, best practices recommendations, secure system configurations and other documents for CSIRT, NICIS and beneficiary systems and infrastructure; specifically provide technical expertise on securing the NICIS (SANReN, CHPC, DIRISA) infrastructure;
- Assist analysts in monitoring security threats and risks and lead the detection and investigation of suspicious ICT security events as technical expert;
- Ensure compliance with regulatory related to the security and privacy of digital information;
- Perform threat intelligence and technology watch activities and generate announcements suitable for and relevant to NICIS beneficiaries;
- Contribute and provide expert inputs towards the development of CSIRT processes/workflows, as well as contribute towards the development, adoption of, and ensure compliance with ICT security policies and processes;
- Develop, procure and/or customise required ICT security tools and technologies;
- Provide technical incident response support to NICIS staff and beneficiaries;
- Present the development of new CSIRT systems, tools and/or processes at appropriate forums (e.g. International CSIRT meetings) and network with key stakeholders and partners.
Qualifications, skills and experience:
- A Bachelor’s degree in information technology, information systems, computer science, engineering or related field with at least six years’ general ICT experience (networks, system administration and/or development), including two years in information security (preferably engineering);
- An intermediate/advanced-level information security certification in at least one of the following or similar qualifications;
- CompTIA Cybersecurity Analyst (CASP+);
- (ISC)2 Certified Information Systems Security Professional (CISSP);
- Offensive Security Certified Professional (OSCP);
- Open-source tools and operating systems;
- Skills in at least two of the following areas;
- Programming and/or scripting;
- Penetration testing principles, tools and techniques;
- Vulnerability handling/management/assessments;
- Detection sensors and analysis of sensor data (e.g. honeypots, intrusion detection/prevention systems, netflow, traffic/protocol analysis);
- Security Information and Event Management (SIEM) tools, log aggregation, event correlation.
Closing date: 30 November 2019
PLEASE NOTE THAT FEEDBACK WILL BE GIVEN TO SHORTLISTED CANDIDATES ONLY.
For more info, please contact the CSIR Recruitment Centre on 012 841 4774 or email us at [email protected]
The CSIR is an equal opportunity employer. As such, it is committed to the Employment Equity Act of 1998. By applying for this position at the CSIR, the applicant understands, consents and agrees that the CSIR may solicit a credit and criminal report from a registered credit bureau and/or SAPS (in relation to positions that require trust and honesty and/or entail the handling of cash or finances) and may also verify the applicant’s educational qualifications and employment history. The CSIR reserves the right to remove the advertisement at any time before the stated closing date and it further reserves the right not to appoint if a suitable candidate is not identified.