SOC Threat Analyst Tier 2
Let's Write Africa's Story Together! Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.
Job Description
The SOC Analyst Tier 2 forms part of the Old Mutual SOC & Threat Intel team. The SOC team will identify, analyse, and react to cyber security threats using a reliable set of processes and security technologies. The SOC team provides a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident.
The job role includes actively participating in the incident detection process as follows:
- Possesses in-depth knowledge of network, endpoint and threat intelligence, as well as the functioning of specific applications or underlying IT infrastructure.
- Closely involved in developing, tuning, and implementing threat detection analytics.
- Acts as the first escalation point for Tier 1 SOC Analysts.
- Responds to and oversees the remediation of a declared security incident.
- Completes the Root Cause Analysis Report for incidents.
- Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack.
- Monitors shift-related metrics, ensuring applicable reporting is gathered and disseminated to the Head of SOC and Threat Intel.
- Oversees the analysis of running processes and configs on affected systems.
- Undertakes in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted.
- Provides support for analytic methods for detecting threats.
- Undertakes threat intelligence research.
- Validates false positives, policy violations, intrusion attempts, security threats and potential compromises.
- Undertakes security incident triage to provide the necessary context prior to escalating to relevant Security Specialists for deeper analysis when necessary.
- Further analyses alarms by method (e.g. credentials compromised) and by asset class.
- Based on the correlation rules and alarms within the SIEM and run books, further analyses anomalous tactics using the MITRE ATT&CK framework.
- Manages security incidents using the SIEM platform and defined operational procedures.

Key Performance Indicators:
- Azure Sentinel SIEM platform monitoring.
- Microsoft Defender O365 policy management and deployment.
- Standard SOC reporting.
- Incident service level management.
- Administration and configuration of various security platforms, including policy configuration.
- Integration of security platforms with the SIEM, and participation in security incident and event investigations and remediation.
- Ensure IT policies are met with regards to data security and integrity.
- Ensure IT policies are met with regards to network security.

Role Requirements:

Experience:
- Strong knowledge and experience working with SIEM solutions: QRadar, McAfee ESM, Azure Sentinel.
- 2 to 4 years' experience in IT Infrastructure Support, and a further 2 to 4 years' track record as a Tier 2 SOC Analyst or Threat Hunter in an established SOC.
- Experience working with Mimecast and Microsoft Defender O365.
- Experience working with KnowBe4 and PhishMe.
- Good knowledge of network technologies (protocols, design concepts, access control).
- Good knowledge of various security technologies (firewalls, web gateway, endpoint protection, vulnerability management, network infrastructure, etc.).
- Good experience working with Nessus or Qualys.
- Good understanding of the MITRE ATT&CK framework.
- Good understanding of the ITIL framework.
- Good report writing skills.
- PowerBI or QlikView.
- Brilliant with a support ticketing system and experience in meeting SLA targets.
- Familiarity with risk management and quality assurance control.
- Excellent interpersonal skills and professional demeanour.
- Excellent verbal and written communication skills.
- Candidate must be eligible to obtain National Security Clearance.

Qualifications:
- Grade 12 (Matric) (compulsory).
- Degree or Diploma in Computer Technology.
- SIEM technology certification (QRadar, McAfee ESM, Azure Sentinel).
- MCSE, MCSA.
- Microsoft SC-200, AZ-500.
- ITIL Foundation qualification.
- CompTIA A+, N+, S+.
- CCNA or equivalent.
- CompTIA CySA+ and CASP+ advantageous.

Closing Date: 19 October 2024
The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question. Old Mutual Limited is pro-vaccination and encourages its workforce to be fully vaccinated against Covid-19. All prospective employees are required to disclose their vaccination status as part of the recruitment process. Please refer to Old Mutual's Covid-19 vaccination policy for further detail. Kindly note that Old Mutual reserves the right to reinstate the requirement to vaccinate at any point if it is of the view that it is imperative to do so.

The Old Mutual Story!

About Us
Old Mutual is a premium African financial services organisation that offers a broad spectrum of financial solutions to retail and corporate customers across key market segments in 14 countries. The lines of business include Life and Savings, Property and Casualty, Asset Management, and Banking and Lending.
We are rooted in our purpose of Championing Mutually Positive Futures Every Day and believe that a great customer experience is anchored in a great employee experience.

Source: Jobleads