Specialist, Incident Response at Standard Bank Group

Job Description

• As a Specialist Incident Response Analyst, you will play a central role in detecting, investigating, and responding to cyber incidents in a non-tiered SOC environment. You will own incidents end-to-end from triage through containment and recovery while applying an adversarial mindset to anticipate attacker behaviour. Alongside technical response, you will contribute to policy improvement, coaching, and industry engagement, ensuring the bank’s response capability matures continuously. This role includes after-hours standby as part of an on-call rotation.

Qualifications

• A degree Information Technology is required.
• IT Risk/security certification such as CISM, CISSP or CISA, GCIA, GCIH, OSCP is required.
• AWS/Azure Cloud Certifications.

Experience Required:

• 5-7 years experience in IT Security, preferably in a Financial Institution, with noted experience in developing threat models, threat analysis, cyber and incident management, offensive security, high level static and dynamic malware analysis.
• 5-7 years experience in strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions.
• Strong experience in incident management, threat modelling, malware analysis, and offensive security techniques.
• Broad IT systems knowledge and awareness of digital platform operating
• models.

Additional Information

Key Responsibilities:

• Detect & Investigate: Analyse alerts from SIEM, EDR, and threat intelligence sources; distinguish true vs false positives.
• Contain & Remediate: Lead active incidents through containment, eradication, and recovery actions.
• Threat Hunting: Proactively search for adversary activity using attacker TTPs and threat intel.
• Malware & Phishing Triage: Perform static/dynamic malware analysis and investigate phishing campaigns.
• Offensive Security Awareness: Apply penetration testing/red team knowledge to strengthen detection and response.
• Forensic Support: Collect and analyse logs, endpoint, and network artifacts for root cause analysis.
• On-Call Duties: Provide after-hours escalation support on a rotational basis.
• Documentation & Reporting: Produce incident reports, lessons learned, and contribute to playbook improvements.

Behavioural Competencies:

• Articulating Information
• Checking Things
• Directing People
• Documenting Facts
• Embracing Change
• Examining Information
• Interpreting Data
• Making Decisions
• Producing Output
• Providing Insights
• Taking Action
• Team Working

Technical Competencies:

• Data Analysis
• Diagramming and Modelling
• Documenting
• Information Security
• IT Knowledge
• IT Systems
• Research & Information Gathering