
Threat Intelligence Analyst

Job Ref
284056
Job Type
Contracting
Employer Type
Recruitment Agency
Date Added 19 Nov 2020
Expiry Date 17 Dec 2020
* There have been 12 applications to this job.
* This job has been viewed 4956 times.
Employer:
T-Systems

Location:
Gauteng (Jhb)

Salary:
Market related

Benefits:


Role details:
6-month contract with a high possibility of being extended

Description of responsibilities:

• Supports the Threat and Vulnerability Assessment team with reporting, management, and remediation of threats against customers.
• Conduct cyber intelligence operations including intelligence collection, tracking threat actors, identifying malicious behaviours and operations.
• Participates on Incident Response teams as threat/forensic SME (Subject Matter Expert)
• Perform network traffic and anomaly analysis, as well as indicators of compromise from system logs (Unix & Windows), application/database and firewall logs, IDS/IPS alerts, WAF alerts, endpoint malware alerts.
• Manages multiple investigation requests through the entire lifecycle of initiation, data collection, analysis, and data production
• Performs assessments of security profiles and correlates vulnerability data with network topology information to quickly identify risks
• Recommends and tracks the application of fixes, security patches and security updates on various levels
• Produces recommendation reports on patches, exploits and vulnerabilities
• Works with customers, vendors and internal resources for problem resolution and security advisories
• Standardizes process and procedures and provides continual improvement
• Develops and maintains comprehensive documentation on incidents and analysis for clients and internal use
• Compiles security advisories in document format, with technical recommendations, for internal and external use
• Use case writing, development and refinement for detection of threats
• Proactively search for rogue behaviour, malicious attacks & suspicious activity
• Training of junior analysts
• Analyse threat feeds to produce daily/weekly/monthly Threat Intelligence brief and regular threat trend reporting

Qualifications and experience required:

• BSc degree in relevant field/technology (or equivalent years of experience) and minimum of 4 years of related experience
• CISSP, CEH, GPEN, OSCP or similar security certifications
• Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting
• Experience analysing phishing attacks
• Significant experience in network intrusion detection
• Experience creating specific mitigation tactics such as IDS signatures
• Experience producing reports and briefs on the current threat landscape and associated risks
• Experience with conducting vulnerability assessments using tools like Tenable or similar
• Experience on threat intelligence feeds in terms of application and usability
• Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
• Experience conducting malware analysis – usage of VirusTotal etc.
• Experience using common sandbox technologies to perform dynamic malware analysis
• Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and/or exploit tools
• Certification in IBM QRadar essential


Skills, Knowledge & Attributes:

• Ability to identify and recommend mitigations for vulnerabilities, exploits, patches
• Understanding of "attacker" methodologies and tactics, including kill-chain analysis
• Familiarity with Advanced Persistent Threat groups and hacker activity
• Construct correlation and application rules in a SIEM environment from use cases
• Ability to read network logs and analyse network packet capture data (Wireshark)
• Ability to perform malicious code reverse engineering (advantageous)
• Ability to utilize common sandbox technology to perform dynamic malware analysis
• Familiar with Data Privacy laws and the associated security requirements.
• Comfortable working in a virtual team environment
• Excellent problem solving and analytical skills
• Excellent written and oral communication skills
• Knowledge of cyber security methodology and security best practices
• Strong security research skills on hackers, threats and the attack surface at a global and local level
• Experience with QRadar or other SIEM tools a plus
• Experience with reverse engineering and forensics (via certifications or study)
• Programming skills required: Python, Java, Perl



 