Information Security Centre Analyst Level 3
Johannesburg, South Africa
2d ago

Main Purpose :

To analyse security events and alerts and to gather and carry out remediation tasks on console for T-Systems clients through its toolsets, operational monitoring, preventative actions and crisis management.

Description of responsibilities :

  • Conduct cyber intelligence operations including intelligence collection, tracking threat actors, identifying malicious behaviors and operations.
  • Works with customers, vendors and internal resources for problem resolution and security advisories.
  • Standardizes process and procedures and provides continual improvement.
  • Develops and maintains comprehensive documentation on incidents and analysis for clients and internal use.
  • Compiles security advisories for internal and external use in document format with technical recommendations.
  • Use case writing, development and refinement for detection of threats.
  • Proactively search for rogue behavior, malicious attacks & suspicious activity.
  • Training of junior analysts.
  • Analyze threat feeds to produce daily / weekly / monthly Threat Intelligence brief and regular threat trend reporting.
  • Analyse security events / alerts and recommend remedial actions.
  • Analyse vulnerability scan data and recommend remedial actions.
  • Analyse trends across time and clients for remedial actions.
  • Provide analysis in contracted reports.
  • Healthchecks on monitored devices.
  • Analyse Network flow data & investigate deviations from baseline.
  • Pro-actively hunt for threats, vulnerabilities & suspicious activity.
  • Investigate suspicious emails for phishing attacks.

Qualifications and Experience Required :

  • Grade 12 (essential).
  • Certification in IBM QRadar essential.
  • Experience analyzing phishing attacks.
  • CISSP, CEH, GPEN, OSCP or similar security certifications.
  • Experience producing reports and briefs on the current threat landscape and associated risks.
  • Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits.
  • Experience conducting malware analysis (usage of VirusTotal etc.).
  • Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and / or exploit tools.
  • Working knowledge of the following technologies : Windows and Active Directory, Unix and Linux, Routers & Switches, Anti-Malware Systems, Relational Databases, Open Source Intelligence, Firewall, IDS / IPS, Vulnerability Management & Proxy management or solid understanding of these technologies.
  • 5-8 years work related experience as a Level 1 / 2 Analyst.
  • SOC / SIEM systems certifications; IBM QRadar essential.
  • Formal training in Networking and networking protocols; CCNA advantageous.
  • Experience in malware investigation advantageous.
  • Experience in server / network / firewall / ips administration.
  • Experience in a Security Operations Centre environment & a Network Monitoring environment.
  • Relevant courses, e.g. Security+, Introduction to Information Security, an advantage.
  • Understanding of the different types of Cyber Security Attacks & how to prevent them.

Key competencies :

  • How to analyse data
  • IBM QRadar experience
  • Must have an understanding of use cases
  • Must have excellent problem-solving skills.
  • Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH etc.)
  • Good knowledge of scripting languages
  • Communication skills (verbal and written - report writing, email and presentation)
  • Problem solving skills
  • Customer orientation
  • Planning and organising skills
  • Analysing skills
  • Writing and Reporting
  • Learning and Researching
  • Creating & Innovating
  • Delivering Results & Meeting Customer Expectations