Cyber and Information Security Analyst - Absa Bank

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

My Career Development Portal:

Wherever you are in your career, we are here for you. Design your future. Discover leading-edge guidance, tools and support to unlock your potential. You are Absa. You are a possibility.

Job Summary

The Security Operation Centre (SOC) Information Security Analyst is the first level of monitoring in the SOC. The Analyst identifies, monitors and responds to security events from Security Events Monitoring (SIEM) and other security event monitoring security systems as part of a team and also support business in ensuring the CIA of information assets.

Job Description

Accountability: Cyber Defence: (70%)

• Monitor security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to Security team, tier 2 information security specialists, and/or as appropriate to perform further investigation and resolution.
• Recommend updates and enhancements to SOC security process, procedures, and Playbooks.
• Participate in security incident management and Cyber response activities.
• Provide monthly and adhoc reports on all cyber incidents to relevant regulatory and business units.
• Communicate effectively with stakeholders, and teammates during incident response.
• Maintain on an ongoing process of cyber and information security risk assessment with relevant institutional units, in order to analyse and assess risk levels, controls required to ensure system integrity and data protection.
• Continuously learn and monitor information security issues by identifying trends, methods and advanced development in the field while gathering information about emerging attacks and techniques.
• Document and maintain customer build documents, security procedures and processes.
• Staying up-to-date with emerging security threats including applicable regulatory security requirements.
• To undertake any other jobs assigned by Team Lead & Manager.

Accountability: Stakeholder relationship management: (5%)

• Coordinate and manage security response exercises with business partners and service providers
• Promote and provide information security training and awareness to employees, business partners and customers.
• Support in information security risk assessments of products and services.
• Collate reports and minutes for monthly cyber steering committee

Accountability: Data Quality (15%)

• Maintain high level of data quality in reporting systems in accordance with the Risk Data Aggregation and Reporting (RDAAR) requirements.
• Ensure all system updates are recorded, updated & closed timely and effectively

Accountability: Control (10%)

• Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Absa Policies and Policy Standards. Understand and manage risks and risk events (incidents) relevant to the role.
• Ensure all activities align with ISO27001 and PCIDSS Standards.

EducationFurther Education and Training Certificate (FETC): Physical, Mathematical, Computer and Life Sciences (Required)