Security Operations Engineer
Nexio
SUMMARY AND PRIMARY OBJECTIVES
We are seeking a highly skilled and motivated Security Operations Engineer to join our IT Support team. The ideal candidate will be responsible for monitoring, managing, and enhancing the security posture of our IT infrastructure. This role involves identifying and mitigating security threats, responding to security incidents, and ensuring compliance with industry standards and best practices.
SCOPE OF WORK: DELIVERABLES, RESPONSIBILITIES AND ACTIVITIES
Security Monitoring and Incident Response
- Monitor security alerts and logs from various sources (SIEM, IDS/IPS, firewalls, etc.).
- Investigate and respond to security incidents in a timely manner.
- Conduct root cause analysis and implement corrective actions to prevent future incidents.
Threat Management and Vulnerability Assessment
- Perform regular vulnerability assessments and penetration testing.
- Analyze and prioritize vulnerabilities, and work with IT teams to remediate them.
- Stay updated on the latest security threats and trends and adjust security measures accordingly.
Security Infrastructure Management
- Manage and maintain security tools and technologies (antivirus, DLP, firewalls, etc.).
- Ensure the security infrastructure is up-to-date and properly configured.
- Implement and enforce security policies and procedures.
Compliance and Reporting
- Ensure compliance with relevant regulations and standards (e.g., GDPR, ISO 27001).
- Prepare and maintain documentation related to security policies, procedures, and incidents.
- Generate and present regular security reports to management.
Collaboration and Training
- Work closely with other IT teams to integrate security practices into all aspects of the IT environment.
- Provide security training and awareness programs for employees.
- Collaborate with external partners and vendors on security-related projects.
Qualifications and Experience Requirements
Education and Experience
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- Minimum of 3-5 years of experience in a security operations or similar role.
- Matric/Grade 12
Technical Skills
- Proficiency in security tools and technologies (SIEM, IDS/IPS, firewalls, antivirus, etc.).
- Strong understanding of network and system security principles.
- Experience with vulnerability assessment and penetration testing.
- Knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001, NIST).
Soft Skills
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Detail-oriented with a strong focus on accuracy and quality.
Certifications (Preferred)
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- GIAC Security Essentials (GSEC)
Personal Attributes and Skills Required
- Be prepared to work irregular hours and/or shifts if required.
- Experience in coaching or mentoring junior support staff.
- Familiarity with data analysis tools to interpret customer service metrics.
- Knowledge of industry-specific software and tools.
- Ability to contribute to process improvement initiatives and project management.
- Attention to detail.
- Ability to think and interact logically.
- A natural curiosity.
- The ability to work in a team and to be proactive around self-learning.
- The ability to work under pressure and to tight deadlines.
- Assist with additional tasks given to the team.
- Interpersonal skills.
- Good judgment skills.
- Good communication skills.
- Behavioral traits such as attitude, motivation, and time management.