Information Security Analyst - Parow, South Africa - The Foschini Group

Posted by: Thabo Mthembu (beBee Recruiter)


Description

Job ID: 15555
Position Type: Full-Time
Job Function: Information Technology
Workplace Type: Head Office
Division: TFG Infotec
Province: Western Cape
Location: Cape Town North
Suburb: Parow (Parow)

Position Description:

We are seeking an Information Security Analyst to join our Information Security team and ensure that the tactical security measures for our infrastructure provide the highest level of security.

With a robust strategy focusing on People, Process and Technology, we believe that our culture and the quality of our people are our greatest strengths.

As such, we need to employ top talent to support our key business functions.

TFG's IT division provides innovative, strategic and cost-effective ICT solutions and professional services to TFG and its subsidiaries.

Working for TFG means working with highly talented professional individuals who are passionate about collaboration, creativity and working towards successful customer service.


The Key Performance Areas of this role will be as follows:

  • Participate in the Cyber Security Incident Response Team (CSIRT) in the identification, containment, eradication, and resolution of security issues.
  • Maintain detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the identification and resolution of vulnerabilities and threat vectors.
  • Provide recommendations for additional security solutions or enhancements to existing controls, to improve overall enterprise security and "defence in depth" strategy.
  • Participate in the deployment, integration and initial configuration of all new security solutions as well as enhancements to existing security solutions in accordance with standards and best practices.
  • Maintain operational configurations of all IT security solutions as per any established baselines.
  • Monitor all security solutions for efficient and appropriate operations.
  • Generate trouble tickets and perform initial validation and triage to determine whether incidents are security events using open source intelligence (OSINT).
  • Review logs and reports of all devices, whether they are under direct control (i.e., security tools) or indirect control (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
  • Hunt for advanced threats, pivoting on and analyzing data to identify malicious behaviors. Perform real-time incident handling, independently following and creating procedures to analyze and contain malicious activity. Collect evidence, including digital media, logs, and malware, to perform analysis associated with cyber intrusions.
  • Maintain an understanding of attack methodologies and use information operationally. Make recommendations and create or modify processes and procedures based on knowledge of advanced threat behaviors. Identify and analyze threats, using OSINT, Threat Intelligence and leveraging enrichment resources.
  • Develop and enhance content and methods for monitoring and incident response, leveraging data extraction techniques for further analysis. Develop and enhance processes, workflows, and documentation. Determine high fidelity behavioral patterns and create content in multiple tools.

Requirements:


  • Bachelor's degree in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience.
  • One or more certifications in: SSCP, Security+, CHFI, CEH or similar industry standard certifications.
  • Must have at least 56 years in IT related roles; Security and Technical Services experience required.
  • Familiarity with system monitoring, assessment, and reporting tools (ArcSight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, AlienVault, etc.).
  • Proficiency in network security and monitoring tools.
  • Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).
  • Ability to work in independent environments under aggressive timelines.
  • Ability to develop and maintain working relationships in a global environment.
  • Excellent analytical and problem-solving skills.
  • Outstanding written skills for preparing reports and briefings.
  • Escalates potential risk and internal control weaknesses to management.
  • Experience with Vulnerability and Malware Analysis (threat and attack analysis).
  • Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, antivirus, data loss prevention, etc.).
  • Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection
