This position reports to the Senior Manager, IT Security Operations, and is responsible for ensuring that the tactical security measures for the company’s infrastructure meet the highest security standards. The Security Analyst actively works with outside vendors, the Infrastructure Team and the Service Desk Team to provide IT Security support to the organization. This role is key in delivering TFG’s IT Security threat analysis and incident response program, and is responsible for analyzing and reporting on threat and incident response metrics.
- Maintain detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the identification and resolution of vulnerabilities and threat vectors.
- Monitor all security solutions for efficient and appropriate operations.
- Participate in the Cyber Security Incident Response Team (CSIRT) in the identification, containment, eradication, and resolution of security issues.
- Maintain operational configurations of all IT security solutions as per any established baselines.
- Provide recommendations for additional security solutions or enhancements to existing controls, to improve overall enterprise security and “defense in depth” strategy.
- Participate in the deployment, integration and initial configuration of all new security solutions as well as enhancements to existing security solutions in accordance with standards and best practices.
- Generate trouble tickets and perform initial validation and triage to determine whether incidents are security events using open source intelligence (OSINT).
- Hunt for advanced threats, pivoting on and analyzing data to identify malicious behaviors. Perform real-time incident handling, independently following and creating procedures to analyze and contain malicious activity. Collect evidence to include digital media, logs, and malware to perform analysis associated with cyber intrusions.
- Review logs and reports of all devices, whether they are under direct control (i.e., security tools) or indirect control (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
- Proficiency in network security and monitoring tools.
- Ability to work in independent environments under aggressive timelines.
- Escalate potential risk and internal control weaknesses to management.
- Bachelor’s degree in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience.
- Outstanding written skills for preparing reports and briefings.
- Ability to develop and maintain working relationships in a global environment.
- Familiarity with system monitoring, assessment, and reporting tools (ArcSight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, AlienVault, etc.).
- One or more certifications in: SSCP, Security+, CHFI, CEH or similar industry standard certifications.
- Excellent analytical and problem-solving skills.
Qualification & Experience:
Vacancy Type: Full Time
Job Location: Cape Town, Western Cape, SA
Application Deadline: N/A