

Threat Intelligence Analyst

Job Ref
Job Type
Employer Type
Recruitment Agency
Date Added 19 Nov 2020
Expiry Date 17 Dec 2020
* There have been 12 applications to this job.
* This job has been viewed 3086 times.

Gauteng (Jhb)

Market related


Role details:
6-month contract with the high possibility of being extended

Description of responsibilities:

Supports the Threat and Vulnerability Assessment team with reporting, management, and remediation of threats against customers.
Conducts cyber intelligence operations, including intelligence collection, tracking threat actors, and identifying malicious behaviours and operations.
Participates in Incident Response teams as threat/forensic SME (Subject Matter Expert).
Performs network traffic and anomaly analysis, as well as analysis of indicators of compromise from system logs (Unix & Windows), application/database and firewall logs, IDS/IPS alerts, WAF alerts, and endpoint malware alerts.
Manages multiple investigation requests through the entire lifecycle of initiation, data collection, analysis, and data production.
Performs assessments of security profiles and correlates vulnerability data with network topology information to quickly identify risks.
Recommends and tracks the application of fixes, security patches and security updates at various levels.
Produces recommendation reports on patches, exploits and vulnerabilities.
Works with customers, vendors and internal resources on problem resolution and security advisories.
Standardises processes and procedures and provides continual improvement.
Develops and maintains comprehensive documentation on incidents and analysis for clients and for internal use.
Compiles security advisories for internal and external audiences in document format, with technical recommendations.
Writes, develops and refines use cases for the detection of threats.
Proactively searches for rogue behaviour, malicious attacks and suspicious activity.
Trains junior analysts.
Analyses threat feeds to produce daily/weekly/monthly Threat Intelligence briefs and regular threat trend reporting.
- - - - - - - - - - - - - -
Qualifications and experience required:

BSc degree in a relevant field/technology (or equivalent years of experience) and a minimum of 4 years of related experience
CISSP, CEH, GPEN, OSCP or similar security certifications
Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlation and reporting
Experience analysing phishing attacks
Significant experience in network intrusion detection
Experience creating specific mitigation tactics such as IDS signatures
Experience producing reports and briefs on the current threat landscape and associated risks
Experience conducting vulnerability assessments using tools such as Tenable or similar
Experience with threat intelligence feeds in terms of application and usability
Experience monitoring third-party security-related websites, forums and social media sites for information regarding vulnerabilities and exploits
Experience conducting malware analysis using VirusTotal or similar services
Experience using common sandbox technologies to perform dynamic malware analysis
Experience replicating reported vulnerabilities in a safe and contained environment to develop proof-of-concept and/or exploit tools
Certification in IBM QRadar essential

Skills, Knowledge & Attributes:

Ability to identify and recommend mitigations for vulnerabilities, exploits and patches
Understanding of attacker methodologies and tactics, including kill-chain analysis
Familiarity with Advanced Persistent Threat groups and hacker activity
Ability to construct correlation and application rules in a SIEM environment from use cases
Ability to read network logs and analyse network packet capture data (e.g. with Wireshark)
Ability to perform malicious code reverse engineering (advantageous)
Ability to use common sandbox technology to perform dynamic malware analysis
Familiarity with data privacy laws and the associated security requirements
Comfortable working in a virtual team environment
Excellent problem solving and analytical skills
Excellent written and oral communication skills
Knowledge of cyber security methodology and security best practices
Strong security research skills on hackers, threats and the attack surface at a global and local level
Experience with QRadar or other SIEM tools a plus
Experience with reverse engineering and forensics (via certifications or study)
Programming skills required: Python, Java, Perl