Cybersecurity Engineers at Council for Scientific and Industrial Research (CSIR)

Key Responsibilities

• Design, develop, engineer, implement and/or manage cybersecurity tools and systems/infrastructure for Computer Security Incident Response Team (CSIRT) services;
• Direct the CSIRT knowledge base for maintaining a current knowledge of the ICT security technologies, threats, vulnerabilities concepts and controls, including appropriate countermeasures, and advising on ICT security best practices and recommendations;
• Produce design documentation, best practices recommendations, secure system configurations and other documents for CSIRT, NICIS and beneficiary systems and infrastructure; specifically provide technical expertise on securing the NICIS (SANReN, CHPC, DIRISA) infrastructure;
• Assist analysts in monitoring security threats and risks and lead the detection and investigation of suspicious ICT security events as technical expert;
• Ensure compliance with regulatory related to the security and privacy of digital information;
• Perform threat intelligence and technology watch activities and generate announcements suitable for and relevant to NICIS beneficiaries;
• Contribute and provide expert inputs towards the development of CSIRT processes/workflows, as well as contribute towards the development, adoption of, and ensure compliance with ICT security policies and processes;
• Develop, procure and/or customise required ICT security tools and technologies;
• Provide technical incident response support to NICIS staff and beneficiaries;
• Present the development of new CSIRT systems, tools and/or processes at appropriate forums (e.g. International CSIRT meetings) and network with key stakeholders and partners.
   

Qualifications, Skills And Experience

• A Bachelor’s degree in information technology, information systems, computer science, engineering or related field with at least six years’ general ICT experience (networks, system administration and/or development), including two years in information security (preferably engineering);
• An intermediate/advanced-level information security certification in at least one of the following or similar qualifications;
  • CompTIA Cybersecurity Analyst (CASP+);
  • (ISC)2 Certified Information Systems Security Professional (CISSP);
  • Offensive Security Certified Professional (OSCP);
• Open-source tools and operating systems;
• Skills in at least two of the following areas;
  • Programming and/or scripting;
  • Penetration testing principles, tools and techniques;
  • Vulnerability handling/management/assessments;
  • Detection sensors and analysis of sensor data (e.g. honeypots, intrusion detection/prevention systems, netflow, traffic/protocol analysis);
  • Security Information and Event Management (SIEM) tools, log aggregation, event correlation.