SENIOR SECURITY ANALYST - Sandton
Salary Negotiable
Sandton,
Gauteng
more than 14 days ago
Description
The Senior Security Analyst position is a Tier 3 analyst role within the Security Operations (SecOps) Team. The purpose of this position is to take ownership of and lead offensive security & threat intelligence operations within the SOC
The Senior analyst shall develop and execute security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Their primary objective is to ensure that infrastructure and systems remain operational, protected and secure through proactively identifying, investigating and resolving technical incidents and problems
Key Roles and Responsibilities
In this position you will be required to:
Monitor alerts/events from various security tools (SOAR, EDR, SIEM & TVM, Email Security)
Conduct, document, and report on information security assessments and penetration tests (Web Applications & Infrastructure)
Perform threat hunting, threat intelligence and other offensive security related activities
Use professional concepts and company objectives to solve complex issues in creative ways
Investigate & Resolve High/Critical severity incidents
Provide Incident Response (IR) support when analysis confirms actionable incident
Assist/guide junior analysts and participate in crisis situations and contingency operations, which may necessitate extended hours of work
Networking with others outside own area of expertise
Requirements
Requirements: Education, Training and Experience
Desirable Certifications (At least two)
· OSCP, CySA+, Pentest+, LPT, CREST
· Bachelor’s degree or Advanced Diploma in Information Technology or related fields
Experience
Minimum two (4) year experience as a Penetration tester or Security/Analyst, preferable in a SOC environment or medium-to-large organization
Penetration testing & Security assessments
Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
Working Knowledge of Unix, Windows & Cloud platforms
Threat Modelling frameworks (MITRE Framework & Cyber Kill Chain)
Knowledge of Tactics, Techniques & Procedures (TTP) of adversaries APTs
Exercises judgment in selecting methods, techniques and evaluation criteria to obtain results
Conducting & reporting cyber security research
Scripting (Python, PowerShell, Bash etc)
Personal Attributes and Skills Required
Skills and knowledge
Display a strong client service orientation
Demonstrate specialist infrastructure knowledge
Demonstrate good attention to detail
Attributes
Strive to meet and exceed SLAs at all times
Display good verbal and written communication ability
The Senior Security Analyst position is a Tier 3 analyst role within the Security Operations (SecOps) Team. The purpose of this position is to take ownership of and lead offensive security & threat intelligence operations within the SOC
The Senior analyst shall develop and execute security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Their primary objective is to ensure that infrastructure and systems remain operational, protected and secure through proactively identifying, investigating and resolving technical incidents and problems
Key Roles and Responsibilities
In this position you will be required to:
Monitor alerts/events from various security tools (SOAR, EDR, SIEM & TVM, Email Security)
Conduct, document, and report on information security assessments and penetration tests (Web Applications & Infrastructure)
Perform threat hunting, threat intelligence and other offensive security related activities
Use professional concepts and company objectives to solve complex issues in creative ways
Investigate & Resolve High/Critical severity incidents
Provide Incident Response (IR) support when analysis confirms actionable incident
Assist/guide junior analysts and participate in crisis situations and contingency operations, which may necessitate extended hours of work
Networking with others outside own area of expertise
Requirements
Requirements: Education, Training and Experience
Desirable Certifications (At least two)
· OSCP, CySA+, Pentest+, LPT, CREST
· Bachelor’s degree or Advanced Diploma in Information Technology or related fields
Experience
Minimum two (4) year experience as a Penetration tester or Security/Analyst, preferable in a SOC environment or medium-to-large organization
Penetration testing & Security assessments
Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
Working Knowledge of Unix, Windows & Cloud platforms
Threat Modelling frameworks (MITRE Framework & Cyber Kill Chain)
Knowledge of Tactics, Techniques & Procedures (TTP) of adversaries APTs
Exercises judgment in selecting methods, techniques and evaluation criteria to obtain results
Conducting & reporting cyber security research
Scripting (Python, PowerShell, Bash etc)
Personal Attributes and Skills Required
Skills and knowledge
Display a strong client service orientation
Demonstrate specialist infrastructure knowledge
Demonstrate good attention to detail
Attributes
Strive to meet and exceed SLAs at all times
Display good verbal and written communication ability
Recruiter: IT Ridge Technologies