Senior Principal Security Analyst
The successful candidate will be expected to:
- Develop a threat intelligence strategy to support the business to become proactive, focused, and preventative and develop and implement appropriate plans to address lower performance and ineffective cyber hunting practices.
- Produce intelligence outputs, threat and vulnerability reports, data and actionable intelligence and situational awareness to facilitate decision making.
- Research and identify potential threats and vulnerabilities and develop action plans to counter emerging cyber intelligence threats.
- Produce threat warnings, real-time situational and predictive analysis and the synthesis of all-source information and data.
- Participate in meetings and produce technical reports on intelligence threats and mechanisms depicting the value of the cyber intelligence function.
- Effectively manage a team of Security Cyber Analysts and Threat Hunters, their resources and overall performance.
Key Responsibilities will include:
- Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems.
- Maintains hardware, software and network firewalls and encryption protocols.
- Administers cybersecurity policies to control physical and virtual access to systems.
- Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
- Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks.
- Responds to cybersecurity breaches, identifies intrusions, and isolates, blocks, and removes unauthorized access.
- Researches and evaluates cybersecurity threats and performs root cause analysis.
- Assists in the creation and implementation of security solutions.
- Provides information to management regarding impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
- Oversees the detection and assessment of cybersecurity events and incidents across an organization’s cyber environment.
- Manages the team’s overall response to suspicious and criminal activity initiated by threat actors existing on the network.
- Provides technical guidance and oversight in protecting systems from criminal activity, cybersecurity breaches and ransomware attack.
- Serves as a technical expert in determining the scope of intrusion by identifying the initial point of access or source.
- Directs the analysis of threat trends and leads overall security monitoring to identify cyber-attacks in progress.
- Monitors and reviews investigations and findings, formal reports and incident response activities.
- Creates and distributes summaries, investigation reports and threat briefs to the IT security management team.
- Selects, develops and evaluates personnel to ensure the efficient operation of the function.
Education experience required
- Bachelor’s or equivalent degree at minimum
- CISSP, CYSA, CASP, S+, McAfee SIEM Specialist, McAfee ePO Specialist, Vulnerability Management and Anti-Virus Certification
Work experience required
- 10 years’ work experience
- 5+ years’ experience required in SOC and/or Cyber Leadership roles and IT Security and/or related function in a medium to large ICT organization, preferably an IT service provider.
- Excellent client service orientation
- Excellent at solving problems and can use your initiative to drive innovation
- Excellent process management and leadership experience
- Excellent Cyber Risk management experience
- Leadership and mentorship experience is key