80385867 - Engineer, Cyber Security

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Job Description

The Cyber Threat Hunter will proactively detect threats that evade traditional security controls. Research, develop, perform, and analyse the results of proactive and reactive host and network-based investigations to determine if malicious activity exists within the environment. Building customized threat hunts specifically tailored, including, malware research, to develop detections based off numerous inputs. In addition, the role will provide expert support to the cyber security incident response team and this role has a group wide mandate. Interface with industry peers to acquire and share Cyber Hunt best-practices in the sector.

Qualifications

• First Degree in Information Technology
• Information Security related Certification (CISSP / CISM / GCIA , an Appropriate professional accreditation GCIH / Ethical Hacking (CEH), Offensive Security Certified Professional (OSCP) is preferred, GPEN, advantageous.
• Experience in developing threat models, risk profiles, cyber-security risk and incident management, and a solid understanding of crime in the financial sector. Solid understanding and familiarity of the MITRE ATT&CK Framework.
• 5 to 8 years Experience performing threat hunting and leading threat hunting programs. Should also have experience in performing red team exercises.
• Must have 5 - 8 years experience and be very proficient with the common tools associated with cyber security operations centres e.g. proxy technologies, log management, correlation solutions, SIEM, SOAR and common security testing tools with solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals. Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity and the cyber-attack kill chain, organized crime/fraud groups and both state and non-state sponsored threat actors. 

Additional Information

Behavioral Competencies :

• Generating Ideas
• Adopting Practical Approaches
• Interacting with People
• Team Working
• Upholding Standards

Technical Competencies :

• Threat intelligence, research, develop and perform hunting activities to proactively detect threat actors and their techniques, tools and processes. Recognize possible successful / unsuccessful intrusion attempts to compromise the network through analysis and hunting activities.
• Ability to perform dynamic malware analysis and extracting IOC (Indicator of compromise) information. React to any CSOC alerting (EDR, Qradar) and review for validity or false positives and modify alerts as needed. 
• Demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity and the cyber-attack kill chain, organized crime/fraud groups and both state and non-state sponsored threat actors.