SECURITY: SENIOR ANALYST – GAUTENG
The Security Senior Analyst works within the Security business unit and deals with the most complex security and cyber threats. The primary responsibility of this position is to research and identify potential threats and vulnerabilities to minimise the window of attack and limit the amount of time an adversary has to gain access to the network before they are discovered.
The Security Senior Analyst will facilitate access to tools and research through our partners to design and develop platforms, systems, and services that will assist in proactive identification of potential threats and threat actors in order to minimise the window of attack and limit the amount of time an adversary has to gain access to a network before they are discovered.
JOB DESCRIPTION
Contribute to threat intelligence strategy
The Security Senior Analyst will play an important role in conceiving strategies for clients, planning the implementation of the strategy and delivering it. They use their creativity and intellectual rigour to assist with the development of the threat intelligence strategy that will drive the business to become proactive, focussed and preventative. These individuals will embed the use of intelligence into core business by aligning the development of intelligence and threat feeds to formal decision making. This employee will measure the effectiveness of cyber hunting capabilities to ensure appropriate plans are in place to address lower performance and ineffective practices.
Produce cyber threat intelligence
These individuals produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk using client, community and open-source reporting. They collect, organise, analyse, interpret, and summarise threat and vulnerability reports and data to provide actionable intelligence and situational awareness to decision makers. This employee will build a threat intelligence repository to understand threat actor tactics, techniques, and procedures (TTPs). They create partnerships and relationships with third parties for intelligence sharing, evaluating threat intelligence providers, platforms, and data feeds to drive greater business value. They provide subject matter expertise and technical deliverables oversight of strategic cyber projects and initiatives to enhance and improve cyber threat intelligence capabilities and maturity.
Conduct research
The Security Senior Analyst will perform research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber attacks. They actively monitor and research cyber threats and trends with a direct or indirect impact on the client’s brand, regional business operations, technology infrastructure and client trust.
Threat management
The Security Senior Analyst will promote awareness of emerging cyber threats and determine the appropriate responses. They will utilise intelligence to support security services and professional services as part of digital forensics and incident response engagements, security event management, breach detection and malware analysis. They will be required to perform situational tasks such as malware analysis, reverse engineering and exploit evaluation as and when required. They act as a point of escalation for security investigations and incidents to provide guidance and oversight on incident resolution and containment techniques. The Security Senior Analyst prioritises and manages the activities performed by cyber threat analysts by producing threat warnings, real-time situational and predictive analysis and the synthesis of all-source information and data.
Produce intelligence reports
These individuals will participate in and contribute to regular threat focus meetings. They will produce actionable intelligence on threats for delivery to clients in the form of technical reports and/or client briefings. The Security Senior Analyst will lead the enhancement and optimisation of implemented reporting mechanisms to demonstrate the value of the cyber intelligence function with tangible benefits.
Behavioural skills
The individual in this position demonstrates investigative and analytical problem solving skills. They display critical thinking and contextual analysis abilities with a passion for information security and service excellence. They are proactive in their approach and conduct research on emerging trends, establishing pre-emptive and practical plans to counter potential threats. The Security Senior Analyst demonstrates excellent verbal and written communication skills and the required interpersonal skills to engage with a variety of internal and external stakeholders.
Competencies:
In this position you will be required to:
- Assist in developing a threat intelligence strategy to support the business to become proactive, focussed, and preventative and develop and implement appropriate plans to address lower performance and ineffective cyber hunting practices.
- Produce intelligence outputs, threat and vulnerability reports, data and actionable intelligence and situational awareness to facilitate decision making.
- Research and identify potential threats and vulnerabilities and develop action plans to counter emerging cyber intelligence threats.
- Produce threat warnings, real-time situational and predictive analysis and the synthesis of all-source information and data.
- Participate in meetings and produce technical reports on intelligence threats and mechanisms depicting the value of the cyber intelligence function.
- Effectively work with a team of Security Analysts.
Required Skill Set:
Privilege Access Management, Vulnerability Management, End Point Protection, Data Loss Prevention, Identity Management, Security Information and Event Management, Email Security, Security Incident Handling, Cloud Web Security
Relevant certifications:
- CompTIA: CYSA, CASP, S+
- ISC2: CISSP, CSSP
- ISACA: CISM
- Microsoft Security: SC-200, SC-300, SC-400, AZ-500, MS-500
- McAfee: ePO Specialist, ESM Specialist
- Trend: Apex 1, Deep Security
- Symantec: Administration of Symantec Endpoint Protection 14
- Splunk: Enterprise Certified Admin
- Mimecast: Gladiator
- Palo Alto: Prisma Certified Cloud Security Engineer
- AWS: Certified Security – Specialty
WORK EXPERIENCE REQUIRED
- 7 – 10 years’ work experience
- 3 – 5 years’ experience required in SOC and/or Cyber roles and IT Security and/or related function in a medium to large ICT organisation, preferably an IT service provider.
- Excellent client service orientation
- Excellent at solving problems and can use your initiative to drive innovation
- Excellent process management experience
- Excellent Cyber Risk experience