Our client, a giant in the South African financial services industry, is expanding their existing SOC team by putting more emphasis into Threat Intelligence.
Key Responsibilities in this role:
- Threat Hunting – perform structured threat hunting following a systematic program, searching for cyber threats before an attack happens. Track threat actors, tactics, techniques, and procedures (TTPs).
- Threat Analysis, Recommendation/Reporting – Perform Root Cause Analysis of security incidents to develop enhancements to existing alerting tools. Provide recommendations to improve security posture and on what controls can be put in place to prevent the threats.
- Incident Response – The candidate will also be expected to participate in other activities within the team, such as Incident Response and use case development.
- Threat Intelligence – Work with the team to develop IOCs for specific cyber threat actors/ groups to understand their tactics, techniques and procedures.
- Measurements – Collect metrics to measure the impact of individual hunts and the hunt program as a whole.
- Bachelor’s degree (NQF7) in Security/Information Technology or an equivalent qualification.
- 5+ years of experience in Information Security.
- 2+ years of experience with the incident response process, including detecting advanced adversaries and log analysis using a SIEM.
- Experience with packet analysis and usage of deep packet inspection toolsets.
- Knowledge and experience working with the Cyber Kill Chain Model or MITRE ATT&CK Matrix.
- Familiarity with EDR/SOAR/Anomaly detection solutions.
- Experience in Cyber Security working within the following areas:
  - Threat Hunting
  - Computer Incident Response Team
  - Computer Security Incident Response Center
  - Security Operations Center
  - Cyber Threat Intelligence
  - Network and Endpoint Detection
Please get in touch to discuss the company, the role and the benefits on offer.