- Group Information Technology: systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production
- Responsible for performing security monitoring and incident handling to ensure the Confidentiality, Integrity and Availability of information assets for the Standard Bank Group.
- Partner with relevant stakeholders to maintain and improve the security posture of Business and IT.
- Develop appropriate measures to understand the effectiveness of securing the bank through the availability of systems.
- Perform monitoring via the Security Information and Event Management (SIEM) tool as well as from external sources (e.g. telephone or email).
- Report on false positives and escalate those to the Lead Analyst for verification.
- Undertake incident analysis, tracking, recording, and response.
- Work with or assist other Cyber Security Incident Response Team (CSIRT) members in analysis activities.
- Report new attack types or suspicious activity to the Lead Analyst.
- Update the Case Management tools with evidence trails of all analysed incidents.
- Document results of incidents.
- Escalate and provide feedback on incidents as per Incident Handling Classification Standard and process.
- Provide support to Lead Analyst and coordinate activities in support of Incident Containment.
- Interact with the CSIRT team by assignment from Lead Analyst or Manager of Cyber Security Operations Centre.
Mitigation of Risk:
- Continuously report on incidents identified via the SIEM.
- Spot patterns across a number of systems to provide advanced warning on new threats.
- Have an in-depth knowledge of Stanbic IBTC’s policies, procedures, or overall IT environment. Adherence to all applicable Policies and Procedures is mandatory.
- Ad hoc compilation and submission of M.I.S reports.
- Security incident reporting.
Preferred Qualification and Experience
- Understanding of the CSOC and CSIRT objectives and requirements.
- Relevant IT certifications.
- Working knowledge of relevant Operating Systems.
- Demonstrate knowledge of standards associated with the role, e.g. ISO, CobiT, ITIL.
- Understanding of incident management and case management technologies (ticketing systems).
- Excellent communication skills, written and verbal.
- TCP/IP, HTTP, network access controls, Security principles.