Job Description
Applications are invited from suitably qualified persons to fill the following posts within the Zimbabwe Revenue Authority (ZIMRA) – an equal opportunity employer.

Duties and Responsibilities
Key Responsibilities
▪ Monitor SIEM platforms, IDS/IPS alerts and security dashboards in real time; detect anomalies and cybersecurity events and escalate confirmed incidents to SOC Engineers.
▪ Classify, prioritise and handle Tier 1 security alerts and service requests; document known errors, conduct trend analysis and escalate unresolved incidents within defined SLAs
▪ Produce accurate incident detection records, escalation logs and compliance artefacts in line with ICT Policy and regulatory standards
▪ Identify potential vulnerabilities and network anomalies during monitoring activities; document and escalate unresolved threats to SOC Specialists for further investigation
▪ Document lessons learned from detected incidents and contribute to updates of SOC detection playbooks and escalation procedures
▪ Apply SOC monitoring standards, participate in peer reviews of incident documentation and contribute to continuous improvement of detection and escalation processes Implement Tier 1 monitoring controls, identify and report deficiencies in monitoring coverage and recommend corrective actions to the SOC Specialists
Contribute to intelligence-enriched monitoring by correlating threat feeds and indicators of compromise (IOCs) against real-time alerts in the SIEM platform.
▪ Any other duties as may be assigned by the Security Operations Specialist & Security Operations Manager.


Qualifications and Experience
Job Skills and Competencies
▪ Experience with endpoint detection and response (EDR) tools; familiarity with threat intelligence feeds, correlation rules and basic forensic analysis.
▪ A strong understanding of common security standards and regulations relating to information systems as well as risk related control frameworks and practices such as ITIL, ISO, COBIT, NIST Cyber Security
▪ Self-starter with ability to work under pressure and beyond stipulated hours
▪ Strong communication and presentation skills along with the ability to work in a highly collaborative environment
Qualifications and Experience
▪ Bachelor’s Degree in ICT, Computer Science, Information Systems, Cybersecurity, or equivalent discipline.
▪ Must have at least one of the following Certification: CEH; CompTIA Security+; Certified SOC Analyst (CSA); GIAC Security Essentials (GSEC); COBIT; ISO 27001, ITIL or a comparable ICT/Security certification.
▪ Minimum of two (2) years' experience in ICT security, SOC operations, or equivalent experience in ICT Operations/Cybersecurity roles
▪ Demonstrate exposure to incident detection and escalation, service request handling, vulnerability identification and containment actions.