Threat Intelligence Analyst
Job Ref
284056
Job Type
Contracting
Employer Type
Recruitment Agency
Date Added
19 Nov 2020
Expiry Date 17 Dec 2020
Employer:
T-Systems
Location:
Gauteng (Jhb)
Salary:
Market related
Benefits:
Role details:
Description of responsibilities:
• Supports the Threat and Vulnerability Assessment team with reporting, management, and remediation of threats against customers.
• Conducts cyber intelligence operations, including intelligence collection, tracking threat actors, and identifying malicious behaviours and operations.
• Participates on Incident Response teams as threat/forensic SME (Subject Matter Expert).
• Performs network traffic and anomaly analysis, and analyses indicators of compromise from system logs (Unix & Windows), application/database and firewall logs, IDS/IPS alerts, WAF alerts and endpoint malware alerts.
• Manages multiple investigation requests through the entire lifecycle of initiation, data collection, analysis, and data production
• Performs assessments of security profiles and correlates vulnerability data with network topology information to quickly identify risks
• Recommends and tracks the application of fixes, security patches and security updates on various levels
• Produces recommendation reports on patches, exploits and vulnerabilities
• Works with customers, vendors and internal resources for problem resolution and security advisories
• Standardizes process and procedures and provides continual improvement
• Develops and maintains comprehensive documentation on incidents and analysis for clients and internal use
• Compiles security advisories for internal and external audiences in document format, with technical recommendations
• Use case writing, development and refinement for detection of threats
• Proactively search for rogue behaviour, malicious attacks & suspicious activity
• Training of junior analysts
• Analyse threat feeds to produce daily/weekly/monthly Threat Intelligence brief and regular threat trend reporting
Qualifications and experience required:
• BSc degree in relevant field/technology (or equivalent years of experience) and minimum of 4 years of related experience
• CISSP, CEH, GPEN, OSCP or similar security certifications
• Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting
• Experience analysing phishing attacks
• Significant experience in network intrusion detection
• Experience creating specific mitigation tactics such as IDS signatures
• Experience producing reports and briefs on the current threat landscape and associated risks
• Experience with conducting vulnerability assessments using tools like Tenable or similar
• Experience on threat intelligence feeds in terms of application and usability
• Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
• Experience conducting malware analysis (usage of VirusTotal etc.)
• Experience using common sandbox technologies to perform dynamic malware analysis
• Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and/or exploit tools
• Certification in IBM QRadar essential
Skills, Knowledge & Attributes:
• Ability to identify and recommend mitigations for vulnerabilities, exploits, patches
• Understanding of 'attacker' methodologies and tactics, including kill-chain analysis
• Familiarity with Advanced Persistent Threat groups and hacker activity
• Construct correlation and application rules in a SIEM environment from use cases
• Ability to read network logs and analyse network packet capture data (e.g. with Wireshark)
• Ability to perform malicious code reverse engineering (advantageous)
• Ability to utilize common sandbox technology to perform dynamic malware analysis
• Familiar with Data Privacy laws and the associated security requirements.
• Comfortable working in a virtual team environment
• Excellent problem solving and analytical skills
• Excellent written and oral communication skills
• Knowledge of cyber security methodology and security best practices
• Strong security research skills on hackers, threats and the attack surface at a global and local level
• Experience with QRadar or other SIEM tools a plus
• Experience with reverse engineering and forensics (via certifications or study)
• Programming skills required: Python, Java, Perl