Cyber Information Security Analyst
  • South Africa Johannesburg
  • BASHR Consulting
1 year before
31.12.2023
Protect and Defend
Cyber Defense Analysis
Job Description

A fantastic opportunity has come up for an experienced Cyber Information Security Analyst to join a dynamic team in Johannesburg.

As a Cyber Information Security Analyst, you will need to be hands-on management, guidance, and recommendations for all operational Information Security platforms. The role will be a liaison between Operations and IT Governance to manage requests and incidents that involve remediation of operational system risks.

Requirements

Microsoft Security Certifications- of CISA, CISM, CISSP, CRISC, CASP, A+, N+.
7 years of security experience in these industries, Information Security Technology, Engineering, Operations, and Technology
5 years of cyber risk management experience.
5years’ experience using SPLUNK security tool.

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0019   Knowledge of cryptography and cryptographic key management concepts
  • K0024   Knowledge of database systems.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0058   Knowledge of network traffic analysis methods.
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0104   Knowledge of Virtual Private Network (VPN) security.
  • K0111   Knowledge of network tools (e.g., ping, traceroute, nslookup)
  • K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
  • K0301   Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0339   Knowledge of how to use network analysis tools to identify vulnerabilities.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Required Skills
  • S0057   Skill in using protocol analyzers.
  • S0156   Skill in performing packet-level analysis.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0159  Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).