Specialist: Cybersecurity Threat Analyst
4 days ago
**ROLE PURPOSE**
As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat Analyst is expected to collaborate with leadership to develop metrics based on situational awareness and provide support for incident response, surveillance, vulnerability identification, secure network design, and threat monitoring at an enterprise level that will be reported based on the approved plan and supporting checklists. The Cybersecurity Threat Analyst must be able to conduct research on emerging threats, maintains proficiency in exploitation tools, and develops threat profiles to rapidly address security incidents alerted primarily by industry-recognized Security tools and technology.
The incumbent should ideally have advanced security incident handling analysis experience in an established SOC environment and contribute to risk management, lead Red Team/Blue Team exercises, mentor junior analysts, and develop playbooks for incident scenarios. The Cybersecurity Threat Analyst monitors network traffic, investigates incidents, and collaborates with the SOC team to enhance the organization's security posture.
**ROLE REQUIREMENT**
- Is familiar with the tactical and long-term vision across the Cyber Security function.
- Adheres to the standard operating procedure and playbooks in the SOC.
- Direct impact on the SOC performance.
- Impacts on team’s runbooks and operational processes in the SOC Service.
- Provides security incident handling and technical guidance to SOC Teams.
- Gives regular, comprehensive, and constructive feedback, and coaching and mentoring to the team.
- Mentor junior analysts to enhance their effectiveness in their roles.
- Proactively hunt for advanced threats and conduct in-depth research and analysis.
- Monitor network traffic, analyze data, and identify suspicious activity.
- Investigate incidents, determine root causes, and provide incident response support.
- Develop secure network designs, protection strategies, and audits for information security infrastructure.
- Research and maintain proficiency in computer exploitation tools, attack techniques, and emerging threat sources.
- Contribute to a comprehensive risk management program, identifying critical processes, threats, and vulnerabilities.
- Lead Red Team/Blue Team exercises and identify gaps in monitoring tools and processes.
- Develop playbooks for various incident scenarios and possess knowledge of automation processes.
- Analyze incidents from various sources, combined with threat intelligence feeds into the SIEM.
- Assist in coordinating, validating, and managing all-source collection requirements and intelligence activities.
- Conduct nodal analysis, evaluate threat decision-making processes, and identify intelligence gaps.
- Monitor and report changes in threat activities, tactics, capabilities, and objectives.
- Produce timely and fused cyber operations intelligence products, threat assessments, and briefings.
- Provide intelligence analysis and support for exercises, planning activities, and time-sensitive operations.
- Report significant network events, intrusions, and intelligence-derived information.
- Collaborate with stakeholders, analysts, and managers to ensure accurate intelligence requirements and collection plans.
Additional Information:
- Individuals at this level have fully developed knowledge of best practices in security incident handling in an established SOC.
- Able to build strong interpersonal relationships with the SOC team and customer stakeholders.
- Excellent communication skills and communication of complex information to non-technical stakeholders.
- Confident in producing and presenting work.
- In-depth understanding of best security incident analysis and incident handling practices, Strong knowledge of networking protocols, operating systems, and security architecture in an established SOC.
- Proficiency in security tools such as SIEM, IDS/IPS, EDR, and network analyzers.
**TECHNICAL / PROFESSIONAL COMPETENCIES**
- Adhere to operational processes in the NIST CSF and MITRE ATT&CK framework
- Prior experience to advise, plan, deploy, configure, manage, and monitoring large-scale and complex cyber defence and IT risk management and information or cybersecurity solutions.
**QUALIFICATIONS & EXPERIENCE**
- Grade 12
- One or more of these industry Cybersecurity Certifications: GIAC Certified Incident Handler (GCIH), Certified Computer Security Incident Handler (CSIH), CEH, OSCP, CompTIA, Microsoft Security Certifications
- Minimum of four (4) years of work experience, and three (3) years of relevant experience in an established SOC and information security/cybersecurity
- Ability to partake in exercises, develop playbooks, and automat
-
Senior Specialist: Cybersecurity Threat Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat...
-
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Cybersecurity Threat Analyst will be responsible for monitoring enterprise networks and systems, deterring, identifying, investigating, and mitigating, any and all threats that are directed against those systems regardless of their classification level or type. The Cybersecurity Threat Analyst is...
-
Specialist: Cybersecurity Analyst
4 days ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and...
-
Specialist: Cybersecurity Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Specialist: Cybersecurity Analyst
1 week ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Specialist: Cybersecurity Analyst
1 week ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and provide...
-
Senior Specialist: Cybersecurity Analyst
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Analyst plays a critical role in monitoring, detecting, and responding to cybersecurity incidents within a Security Operations Center. The Cybersecurity Analyst utilizes incident handling methodologies to validate security events, assess severity levels, and...
-
Cybersecurity Incident Management Specialist
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Management Specialist is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Management Specialist is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the...
-
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Cybersecurity Analyst
1 week ago
Midrand, Gauteng, South Africa Fidelity Services Group Full timeJob Title: Cybersecurity AnalystLocation: Ulwazi Campus Midrand/HelderkruinReports to: Information Security Manager**Job Summary:We are seeking a skilled and dedicated Cybersecurity Analyst to join our Cybersecurity team in the physical security industry. As a Cybersecurity Analyst, you will play a crucial role in ensuring the security of our diverse client...
-
Specialist: Cybersecurity Incident Manager
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Cybersecurity Analyst
3 weeks ago
Midrand, South Africa Fidelity Services Group Full time**Job Title**: Cybersecurity Analyst **Location**: Ulwazi Campus Midrand/Helderkruin **Reports to**: Information Security Manager** **Job Summary**: We are seeking a skilled and dedicated Cybersecurity Analyst to join our Cybersecurity team in the physical security industry. As a Cybersecurity Analyst, you will play a crucial role in ensuring the security...
-
Specialist: Cybersecurity Incident Manager
1 week ago
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Cybersecurity Incident Manager is a crucial role within an organization's cybersecurity team. The primary responsibility of the Cybersecurity Incident Manager is to detect, respond to, investigate, and mitigate cyber threats and incidents that occur within the organization's network and...
-
Cybersecurity Specialist
1 week ago
Midrand, Gauteng, South Africa Nambiti Technologies Full timeGauteng, Midrand- market related (Market related, Negotiable)Our client based in Gauteng is looking for a Cybersecurity Specialist with 5+ years relevant experience in Cybersecurity for a period of 5 yearsRequired skills and knowledge Wellversed with various security tools such as Burp Suite, Nmap. Nessus Qualys, Metaspoilt, etc.; Fully understanding if...
-
Cybersecurity Specialist
2 months ago
Midrand, South Africa Nambiti Technologies Full timeGauteng, Midrand - market related (Market related, Negotiable) Our client based in Gauteng is looking for a Cybersecurity Specialist with 5+ years relevant experience in Cybersecurity for a period of 5 years **Required skills and knowledge** - Well-versed with various security tools such as Burp Suite, Nmap. Nessus Qualys, Metaspoilt, etc.; - Fully...
-
Senior Specialist: Cybersecurity Infrastructure
3 weeks ago
Midrand, South Africa Nexio Full time**ROLE PURPOSE** As part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Infrastructure Support will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. The Senior Specialist: Cybersecurity...
-
Specialist Cybersecurity Infrastructure Support
2 months ago
Midrand, South Africa TalentCru Full timeOur client is looking for a Specialist Cybersecurity Infrastructure Support. This individual will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. He will support the architecture, deployment, management, and maintenance of...
-
Specialist Cybersecurity Infrastructure Support
3 weeks ago
Midrand, South Africa TalentCru Full timeOur client is looking for a Specialist Cybersecurity Infrastructure Support. This individual will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight. He will support the architecture, deployment, management, and maintenance of...
-
Midrand, Gauteng, South Africa Nexio Full timeROLE PURPOSEAs part of the Customer-facing Nexio SOC team, the Senior Specialist: Cybersecurity Infrastructure Support will identify, analyze and react to security incidents, events, and threats using a reliable set of operating processes and SIEM technologies such as Azure Sentinel, or QRadar, or ArcSight The Senior Specialist:Cybersecurity Infrastructure...
-
L1 Incident Analyst
1 week ago
Midrand, South Africa Liquid Tech (Pty) Ltd. Full time**Role Purpose** To deliver day-to-day managed security services (MSS), related to SOC deliverables. Critical in this regard is to execute according to Standard Operating Procedure (SOP) expectations and meeting all related service level agreements (SLAs). It is further expected that these services will be enhanced and matured so that customer value can be...
