Position Title
MDR Cyber Security and TI Analyst

Main purpose of the role
The primary role of the MDR Cyber Security and TI Analyst within the Managed Security Services (MSS) division is to support security monitoring and incident handling, and act as an escalation point to ensure the confidentiality, integrity, and availability of information assets. The analyst must be capable of performing full root cause analysis and be familiar with threat hunting. They must also keep up-to-date with the latest emerging threats and vulnerabilities to be able to provide context to incidents and guide threat hunting and incident response activities.

Required minimum education and work experience
University education (preferred), A-level education or equivalent (required)
Broad knowledge of security technologies and products
Experience with EDR and/or Sysmon, Anti-Virus, SIEM, general security analytics and log sources
ITIL proven skills in a SOC functional unit
Must have the ability to understand large, complex systems and be able to focus on specific details or subsystems, their vulnerabilities and linkages
Experience dealing with malware, attack vectors, and the ability to perform pattern analysis and discover root cause
Keeping up to date with attacker techniques, such as by reading blogs and whitepapers on recent threats
Requires basic knowledge of hardware/software architecture and domains in IT operations

Key performance areas
Successful delivery of contracted services (Statement of Work) – safe clients
Provide consistent quality client service
Personal development

Technical knowledge / competencies
Strong knowledge of endpoint/EDR, firewalls, web & e-mail security
Ability to reverse engineer malware to discover IOCs, identify the malware family or if it is unknown, etc.
Knowledge of pivoting to find more artefacts related to an incident
Knowledge of networking protocols, switches, routers etc.
Knowledge of SIEM and querying log sources
Knowledge of root cause analysis and escalation procedures
Industry-specific technical knowledge, such as use of specific analysis tools
Knowledge of CVE, "Google Fu" and threat intelligence concepts
Writing skills - being able to articulate technical reports on emerging threats, vulnerabilities, and incidents
Troubleshooting and problem solving

Behavioural competencies
Team player and team building (creation of a cohesive division)
Able to clarify and issue and/or follow instructions in the current role - job familiarity
Must be effective in communication - written and verbal and listening skills
Openness of mind and curiosity
Structured thinking
Teachability - (having a positive attitude and a willingness to learn)
Individual thinking within the current role
Collaboration - willingness and ability to collaborate with other Team Leaders / Supervisors
Action oriented - production of desired outcomes within the required timeframes
Work pro-actively – both independently and with peers
Assertive and confident
Ability to handle conflict
Ability to plan and organise work tasks
Strong sense of felt accountability and responsibility

Job Types: Full-time, Permanent
Pay: R65000,00 per month

Application Question(s):
Are you a South African Citizen with full permissions to work in the country?
How many years experience do you have working in MDR within a SOC environment?
Are you willing to participate in a short assessment in order for our team to evaluate your level of experience?