Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.
Job DescriptionTo provide Cyber-InfoSec expertise, professional knowledge, and technical skills to prevent cyber-attacks, significant reputational, financial, or other losses. To implement SBGs Cyber Resilience Programme to prevent cyber-attacks, protect sensitive data and systems from infiltration or misuse and execute the InfoSec capabilities against policies, standards, and controls across relevant functions
QualificationsA degree in Information Technology or Computer Science.IT Risk/Security certification such as CISM, CISSP or CISA is required.A relevant Azure/AWS Cloud Certification is requiredExperience Required:
Proficiency in Python is required. Experience with PowerShell, Bash and Ruby is an added advantage.Experience in implementing machine learning and AI-powered automation workflows.Design, develop, and maintain robust and scalable automation scripts and applications using Python and other scripting languages.Experience with API integrations, database management (SQL/NoSQL), cloud infrastructures and cloud serverless technologies (e.g. AWS Lambda, Azure Functions) for implementing scalable cloud applications.Experience with defensive technologies such as SIEMs, EDR tools, Threat Intelligence Platforms (TIP), OSINT tools and offensive technologies such as Burp Suite, Cobalt Strike, and Metasploit is an added advantage.Experience within Financial Service Industry developing threat models, risk profiles, cybersecurity risk and incident management, and insight into crime in the financial sector.Strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions, building cyber security intelligence.
Key Responsibilities:
Evaluate, develop and implement cyber security processes, tools integration and automation workflows for intelligence observation, enrichment, triage and investigations.Implement machine learning and AI-powered automation workflows to provide intelligence observability and enrichment, enabling automated threat scoring reporting, and analysis of threat observations.Debug, troubleshoot and optimize existing automation workflows and applications.Document and present technical designs, specifications, and user manuals for all developed tools and workflows.Integrate intelligence data from open-source, commercial, and internal sources to create a unified view for actionable intelligence analysis.Research and stay current on application security threats, vulnerabilities, and emerging tactics, techniques and procedures (TTPs).Familiarity with the MITRE ATT&CK framework, Cyber Kill Chain, or other security-related frameworks.Support purple teaming exercises to build cyber resiliency across security teams.Behavioural Competencies:
Adopting Practical ApproachesArticulating InformationDeveloping StrategiesEmbracing ChangeExploring PossibilitiesGenerating IdeasInterpreting DataMaking DecisionsMeeting TimescalesProducing OutputProviding InsightsTeam WorkingTechnical Competencies:
Data AnalysisDebugging and Fixing SoftwareInformation Security ManagementIT Risk ManagementSoftware Development Life Cycle (SDLC) methodologies & ToolsTechnical AnalysisUse of Build and Test AutomationWrite Code