Specialist, Threat Intelligence needed at Standard Bank Group

ob Description

• To provide Cyber-InfoSec expertise, professional knowledge, and technical skills to prevent cyber-attacks, significant reputational, financial, or other losses. To implement SBGs Cyber Resilience Programme to prevent cyber-attacks, protect sensitive data and systems from infiltration or misuse and execute the InfoSec capabilities against policies, standards, and controls across relevant functions

Qualifications

• A degree in Information Technology or Computer Science.
• IT Risk/Security certification such as CISM, CISSP or CISA is required.
• A relevant Azure/AWS Cloud Certification is required

Experience Required:

• Proficiency in Python is required. Experience with PowerShell, Bash and Ruby is an added advantage.
• Experience in implementing machine learning and AI-powered automation workflows.
• Design, develop, and maintain robust and scalable automation scripts and applications using Python and other scripting languages.
• Experience with API integrations, database management (SQL/NoSQL), cloud infrastructures and cloud serverless technologies (e.g. AWS Lambda, Azure Functions) for implementing scalable cloud applications.
• Experience with defensive technologies such as SIEMs, EDR tools, Threat Intelligence Platforms (TIP), OSINT tools and offensive technologies such as Burp Suite, Cobalt Strike, and Metasploit is an added advantage.
• Experience within Financial Service Industry developing threat models, risk profiles, cybersecurity risk and incident management, and insight into crime in the financial sector.
• Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions, building cyber security intelligence.

Additional Information

Key Responsibilities:

1. Evaluate, develop and implement cyber security processes, tools integration and automation workflows for intelligence observation, enrichment, triage and investigations.
2. Implement machine learning and AI-powered automation workflows to provide intelligence observability and enrichment, enabling automated threat scoring reporting, and analysis of threat observations.
3. Debug, troubleshoot and optimize existing automation workflows and applications.
4. Document and present technical designs, specifications, and user manuals for all developed tools and workflows.
5. Integrate intelligence data from open-source, commercial, and internal sources to create a unified view for actionable intelligence analysis.
6. Research and stay current on application security threats, vulnerabilities, and emerging tactics, techniques and procedures (TTPs).
7. Familiarity with the MITRE ATT&CK framework, Cyber Kill Chain, or other security-related frameworks.
8. Support purple teaming exercises to build cyber resiliency across security teams.

Behavioural Competencies:

• Adopting Practical Approaches
• Articulating Information
• Developing Strategies
• Embracing Change
• Exploring Possibilities
• Generating Ideas
• Interpreting Data
• Making Decisions
• Meeting Timescales
• Producing Output
• Providing Insights
• Team Working

Technical Competencies:

• Data Analysis
• Debugging and Fixing Software
• Information Security Management
• IT Risk Management
• Software Development Life Cycle (SDLC) methodologies & Tools
• Technical Analysis
• Use of Build and Test Automation
• Write Code