Cybersecurity Analyst

• Perform log ingestion, define use cases, and create alerts for critical assets.
• Perform daily SIEM health checks and remediate accordingly.
• Monitor security alerts and events using various tools and technologies.
• Analyze and investigate security incidents to identify potential threats.
• Collaborate with team members to develop and implement effective monitoring strategies.
• Using IOCs and threat intelligence, perform threat hunting across environment.

• Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradiate and recovery from threats.
• Document and report incidents, ensuring accurate and comprehensive records.
• Follow established incident response procedures, playbooks and contribute to their enhancement.

• Manage and maintain endpoint security and EDR solutions.
• Perform daily health checks endpoint security and EDR solutions and remediate accordingly.
• Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
• Work with IT teams to ensure endpoint security configurations align with organizational standards.

• Assist in the identification and prioritization of vulnerabilities within the organization's infrastructure.
• Collaborate with system owners and IT teams to remediate identified vulnerabilities.
• Stay informed about the latest security threats and vulnerabilities.

• Monitor and analyze email traffic for potential security threats.
• Respond to and mitigate email-borne security incidents.
• Work with email security solutions to enhance protection against phishing and malware attacks.

• Relevant degree or advanced diploma in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience.
• One or more certifications in: EC-Council SOC, Security+, AWS Certifications, Microsoft Certifications, Google Certifications
• Must have 3-6 years' experience in a Cybersecurity related role.
• Practical experience with system monitoring SIEM, assessment, and reporting tools (ArcSight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, AlientVault etc.)
• Practical experience with EDR and XDR tools.
• Proficiency in network security, operating systems, and security technologies.
• Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).
• Experience with Vulnerability and Malware Analysis (threat and attack analysis).
• Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, etc.).
• Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection
• Technology experience to be considered; Security+; Microsoft Security Certifications (MS-SC200); Azure Certifications, Recognised SOC certification

• Ability to work in independent environments under aggressive timelines.
• Ability to develop and maintain working relationships in a global environment.
• Excellent analytical and problem- solving skills
• Outstanding written skills for preparing reports and briefings.

• Communicates Effectively - conveys information and communicates ideas in a clear, concise and impactful manner
• Decision Quality - consistently makes timely, well-rounded and informed decisions
• Ensures Accountability - takes accountability and ensures others are held to account on agreed upon performance targets
• Manages Complexity - interprets and simplifies complex and contradictory information when resolving organisational problems
• Tech Savvy - leverages new technology to enhance productivity, improve problem solving, and support business growth

The Foschini Group