Cyber Defence Analyst
Centurion, South Africa
Applications have closed
OUTsurance
Innovative, value-for-money insurance products, backed by awesome service and 10% of your paid insurance premiums back in cash after three consecutive claim-free years.
Company Description
Introduction
OUTsurance is a customer-centric Financial Services company with a global footprint. We are vibrant, successful and values orientated with an awesome dynamic culture encapsulated by the ethos that clients and staff “always get something OUT.” Our success can be attributed, amongst other things, to the outstanding people that work for us.
Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired, creative and dedicated Analyst who is passionate about security incident investigation & proactive threat hunting as well as collaborating with the relevant stakeholders to implement countermeasures to aid prevention, detection and response.
Job Description
Responsibilities
Adversaries are working around the clock to beat defences, compromise networks and steal sensitive company data. To stay ahead of the threats we are looking for an inspired and dedicated Cyber Defence Analyst who is passionate about cybersecurity. The successful candidate will need to have experience in network and security technologies and be capable of delivering high quality work within a technical environment.
- As part of this role, the analyst will be required to review alerts received via email or the SIEM platform and perform initial investigation, triage and response. The response steps might require you to run additional scans, block domains/IPs, disable accounts, etc.
- Assist in ensuring all critical and relevant log sources are ingested into the SIEM platform.
- Assist in ensuring that all relevant hosts and sources are monitored across the environment, including cloud and on-premises.
- Deploy, or assist with deploying, technical solutions for detecting and preventing potential threats.
- Fine tune existing IoCs to reduce false positives.
- Assist in performing threat hunting activities.
- Mature the company’s Cyber Incident response plan, processes, and playbooks.
- Assist with running regular phishing simulations using the company’s security awareness solution.
- Work closely with the Offensive Red Team to mature detection capabilities.
- Assist with monthly reporting on alerts and incidents raised.
Competencies:
The successful individual would need to demonstrate the below listed:
- Strong analytical skills.
- Very strong interpersonal skills and the ability to build relationships.
- Critical thinking and problem-solving with a strong decision-making mindset.
- Takes initiative and works under own direction.
- Upholds ethics and values and demonstrates high levels of integrity.
- Methodically plans and organises tasks and projects.
- Demonstrates a high level of attention to detail.
- Adapts and responds positively to change.
- The ability to multitask and handle stress.
Qualifications
Qualifications/Experience
Essential
- 1+ years’ experience in IT Security, specialising in incident investigation & threat hunting using various tools and techniques.
- Ability to run an investigation from start to finish, including pivoting between data types and correlating events.
- Understanding of the attack life cycle.
- Experience with using SIEM platforms & technologies.
- Understanding of TCP/IP and networking concepts.
- Knowledge of IT security controls (Network IPS, Vulnerability Scanning, Endpoint Protection, Firewalls, Cloud Access Security Brokers).
- Experience with responding to phishing emails, malware analysis, network attacks and network traffic analysis.
- Familiarity with and understanding of basic SQL and KQL queries.
- Strong knowledge of Windows and Linux.
Advantageous
- Exposure to different cloud services (Amazon Web Services, Azure, Google Cloud).
- Pentest/Red Team knowledge.
- Previous Security Operations Centre experience.
- Other relevant technology certifications, e.g. Red Hat Certified Admin, Azure Administrator Associate.
- Use of forensic analysis tools, e.g. Autopsy, CAINE, SIFT.
- Relevant industry security certifications such as Security+, Network+, CySA+, or other Blue Team training and certifications.
Additional Information
An ideal candidate will be able to align their personal work values to the OUTsurance values of Awesome Service, Passionate, Honest, Human, Dynamic and Recognition. Enthusiasm for dealing with challenges in a stressful, deadline-orientated environment is essential.