Company Description
Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.
Job Description
To provide Cyber-InfoSec expertise, professional knowledge, and technical skills to prevent cyber-attacks, significant reputational, financial, or other losses. To implement SBGs Cyber Resilience Programme to prevent cyber-attacks, protect sensitive data and systems from infiltration or misuse and execute the InfoSec capabilities against policies, standards, and controls across relevant functions
Qualifications
- A degree in Information Technology or Computer Science.
- IT Risk/Security certification such as CISM, CISSP or CISA is required.
- A relevant Azure/AWS Cloud Certification is required
Experience Required:
- Proficiency in Python is required. Experience with PowerShell, Bash and Ruby is an added advantage.
- Experience in implementing machine learning and AI-powered automation workflows.
- Design, develop, and maintain robust and scalable automation scripts and applications using Python and other scripting languages.
- Experience with API integrations, database management (SQL/NoSQL), cloud infrastructures and cloud serverless technologies (e.g. AWS Lambda, Azure Functions) for implementing scalable cloud applications.
- Experience with defensive technologies such as SIEMs, EDR tools, Threat Intelligence Platforms (TIP), OSINT tools and offensive technologies such as Burp Suite, Cobalt Strike, and Metasploit is an added advantage.
- Experience within Financial Service Industry developing threat models, risk profiles, cybersecurity risk and incident management, and insight into crime in the financial sector.
- Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions, building cyber security intelligence.
Additional Information
Key Responsibilities:
- Evaluate, develop and implement cyber security processes, tools integration and automation workflows for intelligence observation, enrichment, triage and investigations.
- Implement machine learning and AI-powered automation workflows to provide intelligence observability and enrichment, enabling automated threat scoring reporting, and analysis of threat observations.
- Debug, troubleshoot and optimize existing automation workflows and applications.
- Document and present technical designs, specifications, and user manuals for all developed tools and workflows.
- Integrate intelligence data from open-source, commercial, and internal sources to create a unified view for actionable intelligence analysis.
- Research and stay current on application security threats, vulnerabilities, and emerging tactics, techniques and procedures (TTPs).
- Familiarity with the MITRE ATT&CK framework, Cyber Kill Chain, or other security-related frameworks.
- Support purple teaming exercises to build cyber resiliency across security teams.
Behavioural Competencies:
- Adopting Practical Approaches
- Articulating Information
- Developing Strategies
- Embracing Change
- Exploring Possibilities
- Generating Ideas
- Interpreting Data
- Making Decisions
- Meeting Timescales
- Producing Output
- Providing Insights
- Team Working
Technical Competencies:
- Data Analysis
- Debugging and Fixing Software
- Information Security Management
- IT Risk Management
- Software Development Life Cycle (SDLC) methodologies & Tools
- Technical Analysis
- Use of Build and Test Automation
- Write Code