Cybersecurity Threat Analyst

 

Who is SABRIC

The South African Banking Risk Information Centre (SABRIC) is a public benefit organisation focusing on combatting banking and financial crime and making the banking sector safer.

SABRIC’s mission is to contribute to the effectiveness of the partnerships between its members and stakeholders for the benefit of the banking industry by:

  • Facilitating information exchange and cooperation between its members, regulators, and law enforcement,
  • Partnering and rendering technical services to SABRIC members or the state (upon request) and
  • Partnering with members or stakeholders to carry out projects approved by the board.

Overview

SABRIC is looking for experienced and passionate problem solvers united by the call to transform the daily lives of South Africans.

The role of a Cybersecurity Threat Analyst is critical in safeguarding organisations and industry sectors against evolving cyber threats. With a combination of technical expertise, analytical skills, and leadership capabilities, the individual in this role is pivotal in managing a coordinated response to cybersecurity incidents, enhancing threat intelligence capabilities, and fostering collaboration within the cybersecurity community.

If you possess a strong background in cybersecurity, threat analysis and incident response, with effective communication skills to successfully mitigate and respond to cyber threats, then this could be the role for you.

Job Purpose

The Cybersecurity Threat Analyst is a key role responsible for managing an industry coordination Computer Security Incident Response Team (CSIRT). The role involves analysing and reporting on cybersecurity threats, managing and coordinating community collaboration, and leading industry incident response efforts.

Key Responsibilities

  • CSIRT Management
      • Establish and lead an industry coordination CSIRT to effectively respond to cybersecurity incidents and threats.
      • Develop and maintain incident response procedures, playbooks, and escalation processes.
      • Coordinate with internal teams, external partners, and industry stakeholders to enhance incident response capabilities.
  • Threat Analysis and Reporting
      • Monitor and analyse cyber threats, vulnerabilities, and trends impacting the industry sector.
      • Produce timely and actionable threat intelligence reports, advisories, and alerts for stakeholders.
      • Conduct post-incident analysis and provide recommendations to improve security posture and resilience.
  • Community Collaboration
      • Foster collaboration and information sharing among industry peers, government agencies, and cybersecurity organisations.
      • Organise and participate in industry forums, working groups, and collaborative initiatives to address common cyber threats and challenges.
      • Facilitate joint exercises, tabletop simulations, and training sessions to enhance incident response readiness.
  • Industry Incident Response
      • Lead industry-wide incident response efforts, coordinating with affected organisations, regulators, and law enforcement agencies.
      • Serve as a liaison between industry partners and external stakeholders during cybersecurity incidents.
      • Provide guidance and support to affected organisations in incident detection, containment, and recovery efforts.
      • Conduct forensic investigations into financial irregularities, fraud, and other financial crimes.

Qualifications and professional certification

  • Minimum of a bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Advanced certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) will be highly advantageous.

Experience

  • At least 5 to 8 years’ working experience in an enterprise environment, with a minimum of 3 years’ relevant cybersecurity experience.

Essential Knowledge and Skills

  • This role requires continuous education and training in emerging cybersecurity threats, tools, and techniques to stay abreast of evolving cyber threats and trends.
  • In-depth knowledge of cybersecurity principles, technologies, and best practices.
  • Proficiency in network security, encryption methods, access controls, and security protocols.
  • Knowledge of conducting vulnerability assessments, penetration testing, and security audits.
  • Ability to analyse and assess cyber threats, vulnerabilities, and risks to organisational systems and networks.
  • Familiarity with threat intelligence sources, tools, and platforms to gather and analyse threat data.
  • Skilled in identifying emerging threats and developing proactive strategies to mitigate risks.
  • Extensive experience in managing cybersecurity incidents, including triage, containment, eradication, and recovery.
  • Proficiency in using incident response frameworks such as NIST, SANS, or ISO/IEC 27035.
  • Capability to lead incident response teams, coordinate with stakeholders, and communicate effectively during critical incidents.
  • Strong verbal and written communication skills to articulate complex technical concepts to diverse audiences.
  • Ability to collaborate effectively with internal teams, external partners, law enforcement agencies, and industry peers.
  • Experience in facilitating information sharing, threat intelligence exchange, and joint cybersecurity exercises.
  • Demonstrated leadership skills to drive industry collaboration, establish partnerships, and foster a culture of cybersecurity awareness.
  • Ability to lead and mentor junior analysts, providing guidance and support in threat analysis and incident response activities.
  • Experience in managing projects, setting priorities, and ensuring timely delivery of objectives.

Personal Situation

  • Able to commute reliably to the Midrand office.
  • Must have a vehicle and driver’s licence.
  • Able to work extended hours when required and be contactable.

Remuneration

Remuneration package will be offered in line with qualifications and experience.

Privacy Notice

By applying for this position at SABRIC, the applicant understands, consents, and agrees that SABRIC may solicit a credit and criminal report from a registered credit bureau and/or SAPS (in relation to positions that require trust and honesty and/or entail the handling of cash or finances) and may also verify the applicant’s educational qualifications and employment history.

It is confirmed that by submitting information to SABRIC, the applicant consents to the collection, collation, processing, and storing of such information and the use or disclosure in the recruitment process in accordance with the Protection of Personal Information Act.

Forward your comprehensive CV and qualifications to nadiac@sabric.co.za

Should you not be contacted within two weeks hereafter, please consider your application as unsuccessful.