SUMMARY:
Business Department: Cyber Security
PURPOSE:
To analyse security events and alerts and to gather and carry out remediation tasks on console for Gijima clients through its toolsets, operational monitoring, preventative actions and crisis management
POSITION INFO:
FORMAL EDUCATION:
- Grade 12 (essential)
- IT Certificate/Diploma/Degree
TECHNICAL CERTIFICATION:
- IBM QRadar Certification
- CISSP, CEH, GPEN, OSCP or similar security certifications
- CCNA advantageous
- Security+
- Introduction to information security an advantage
EXPERIENCE:
- Experience analysing phishing attacks
- Experience producing reports and briefs on the current threat landscape and associated risks
- Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
- Experience conducting malware analysis (e.g. using VirusTotal)
- Experience replicating reported vulnerabilities in a safe and contained environment to develop proof-of-concept and/or exploit tools
- Working knowledge of the following technologies, or a solid understanding of them: Windows and Active Directory, Unix and Linux, routers and switches, anti-malware systems, relational databases, open-source intelligence, firewalls, IDS/IPS, vulnerability management and proxy management
- 5 – 8 years' work-related experience as a Level 1/2 Analyst
- Formal training in Networking and networking protocols
- Experience in malware investigation advantageous
- Experience in server/network/firewall/IPS administration
- Experience in a Security Operations Centre environment & a Network Monitoring environment
- Understanding of the different types of cyber security attacks and how to prevent them
RESPONSIBILITIES:
- Conduct cyber intelligence operations, including intelligence collection, tracking threat actors, and identifying malicious behaviours and operations
- Works with customers, vendors and internal resources for problem resolution and security advisories
- Standardizes processes and procedures and provides continual improvement
- Develops and maintains comprehensive documentation on incidents and analysis for clients and internal use
- Compile security advisories for internal and external audiences in document format, with technical recommendations
- Use case writing, development and refinement for detection of threats
- Proactively search for rogue behaviour, malicious attacks & suspicious activity
- Training of junior analysts
- Analyse threat feeds to produce daily/weekly/monthly Threat Intelligence brief and regular threat trend reporting
- Analyse security events/alerts and recommend remedial actions
- Analyse vulnerability scan data and recommend remedial actions
- Analyse trends across time and clients for remedial actions
- Provide analysis in contracted reports
- Health checks on monitored devices
- Analyse Network flow data & investigate deviations from baseline
- Proactively hunt for threats, vulnerabilities and suspicious activity
- Investigate suspicious emails for phishing attacks
KNOWLEDGE:
- How to analyse data
- IBM QRadar experience
- Must have an understanding of use cases
- Must have excellent problem-solving skills
- Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH, etc.)
- Good knowledge of scripting languages
SKILLS:
- Communication skills (verbal and written: report writing, email and presentation)
- Problem-solving skills
- Customer orientation
- Planning and organising skills
- Analysing skills
- Writing and Reporting
- Learning and Researching
- Creating & Innovating
- Delivering Results & Meeting Customer Expectations
PERSONAL ATTRIBUTES:
- Presenting and Communicating Information
- Deciding and Initiating Action
- Coping with Pressures and Setbacks
- Applying Expertise and Technology
- Following Instructions and Procedures
- Ability to work well independently and productively with minimal supervision