SENIOR SECURITY ANALYST
Location | Sandton, South Africa |
Date Posted | September 17, 2020 |
Category |
Security
|
Job Type |
Full-time
|
Currency | ZAR |
Description
The Senior analyst shall develop and execute security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Their primary objective is to ensure that infrastructure and systems remain operational, protected and secure through proactively identifying, investigating and resolving technical incidents and problems
Duties & Responsibilities
In this position you will be required to:
- Monitor alerts/events from various security tools (SOAR, EDR, SIEM & TVM, Email Security)
- Conduct, document, and report on information security assessments and penetration tests (Web Applications & Infrastructure)
- Perform threat hunting, threat intelligence and other offensive security related activities
- Use professional concepts and company objectives to solve complex issues in creative ways
- Investigate & Resolve High/Critical severity incidents
- Provide Incident Response (IR) support when analysis confirms actionable incident
- Assist/guide junior analysts and participate in crisis situations and contingency operations, which may necessitate extended hours of work
- Networking with others outside own area of expertise
Requirements
Requirements: Education, Training and Experience
Desirable Certifications ( At least two)
• OSCP, CySA+, Pentest+, LPT, CREST
• Bachelor's degree or Advanced Diploma in Information Technology or related fields
Experience
- Minimum two (4) year experience as a Penetration tester or Security/Analyst, preferable in a SOC environment or medium-to-large organization
- Penetration testing & Security assessments
- Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
- Working Knowledge of Unix, Windows & Cloud platforms
- Threat Modelling frameworks (MITRE Framework & Cyber Kill Chain)
- Knowledge of Tactics, Techniques & Procedures (TTP) of adversaries APTs
- Exercises judgment in selecting methods, techniques and evaluation criteria to obtain results
- Conducting& reporting cyber security research
- Scripting (Python, PowerShell, Bash etc)
Personal Attributes and Skills Required
Skills and knowledge
- Display a strong client service orientation
- Demonstrate specialist infrastructure knowledge
- Demonstrate good attention to detail
Attributes
- Strive to meet and exceed SLAs at all times
- Display good verbal and written communication ability