Description:
Surgo (PTY) Ltd. has partnered with a global analytics and digital solutions company serving industries including insurance, healthcare, banking and financial services, media, retail, and others. They aim to bridge the gap between digital expectations and real outcomes for international companies with Digital Intelligence. Our client is recruiting for a Cyber Threat Hunt Analyst to join their team based in Cape Town.

Job purpose: The role will support and advise on product assessments, policy adjustments, and architectural transformation that will impact regional and global locations. The position requires someone with technical expertise who will influence the design of detective, preventive, and proactive controls.

Responsibilities:
• Identify and track threat actor groups and their TTPs while maintaining current knowledge of the tools and tradecraft of APT groups
• Perform cyber threat hunting activity using threat intelligence, analysis of anomalous log data, and related tools
• Collect, enrich, and disseminate IOCs (Indicators of Compromise)
• Use the MITRE ATT&CK framework to analyze malicious campaigns and evaluate the effectiveness of security technologies and controls
• Distinguish true threats from false positives and network or system misconfigurations, and provide recommendations and solutions for issues detected
• Monitor the organization's attack surface against the current threat landscape
• Support the Cyber Threat Intelligence team in providing threat-informed defenses that improve the prioritization of preventative controls and mitigations and strengthen the defense posture
• Engage and collaborate with the Red Team to analyze and evaluate the effectiveness of existing security controls
• Support Cyber Threat DFIR on internal incidents by performing cyber threat hunting activities during investigations and building a common understanding of threat activity

Qualification and Experience:
• Direct experience performing threat hunting in an active corporate environment
• 2+ years of experience in a technical role in the areas of Security Operations, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence
• Security certification or working towards certification (e.g., SANS, CompTIA Security+, OSCP, or CEH); equivalent experience will be considered
• Experience analyzing system, network, and application logging for attack techniques across all stages of the cyber kill chain
• Direct experience working with large datasets, log review, and bulk analysis tools
• Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
• Ability to apply Cyber Threat Intelligence through enrichment, correlation, and attribution
• Familiarity with offensive security strategies and assessment methodologies
• Knowledge of threat actors, including malware families, intrusion techniques, and associated criminal entities
• Experience explaining threat hunt objectives and...

Job Reference #: 202607
26 Jan 2024;
from:
gumtree.co.za