Cyber Security Threat and Response Analyst at Ecobank
- Accra
- Permanent
- Full-time
- To detail and analyze significant current events, threat actors, campaigns, tactics, techniques, and procedures (TTPs), and malware with the purpose of synthesizing information, identifying patterns, determining cause and effect, and understanding impact to current risk posture. This role will analyze both raw and finished intelligence with an emphasis on the production of operational intelligence products to drive Ecobank Group’s security posture, inform Group Information Security, Group Technology Operations/Engineering and Executive management, assess exposure, identify controls or mitigations, and better inform their awareness of ongoing cyber threat activities.
- Collaborating with the Incident response analysts, other groups within Cyber Security and Group Technology Operations to ensure cyber intelligence is being effectively produced and utilized to proactively protect Ecobank from cyber threats and attacks.
- Performs proactive hunting for intelligence related to malicious activity that can impact the Ecobank Group network and digital assets
- Collects, assesses and analyzes intelligence reports from the implemented security intelligence solutions as well as other sources and disciplines
- Understands the overall threat landscape; knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored], and third generation [nation state sponsored])
- Monitors and leverages the dark/deep/open web and other technical sources to gather intelligence about threat methods and actors to enhance the bank’s security posture
- Performs Threat Hunting to discover evidence of threats, insider misconduct, or anomalous behaviors by leveraging tools, intelligence, and data from multiple sources
- Coordinates response, remediation, and recovery activities for potential security incidents
- Continuously evaluate new information for changes in actors, tactics, techniques, and targets in the cyber threat environment
- Updates and enhances defenses, detection capabilities, threat scenarios, and response playbooks
- Works with Group Operations to assess compliance with policies, regulatory requirements, standards, procedures, and best practices.
- Reviews threats and provides analysis on how they relate to Ecobank Group environments
- Communicates tactical and strategic threat information to responsible teams to assist them in making cyber risk decisions and to mitigate threats
- Envisions and proposes cross-team initiatives to implement cybersecurity improvements for identified gaps
- Develops and executes plans for intelligence requirements, analytic products and supporting workflows
- Collaborate with stakeholders to translate cyber intelligence into an instrumentation and detection strategy
- Leads the development and implementation of initiatives to meet priority objectives, analytic products, collection plans or detection capabilities
- Provides expertise and guidance to other team members on the development and implementation of improvements in one or more cyber intelligence areas of responsibility: collection optimization, operational intelligence analysis, or strategic intelligence analysis; expertise to internal and external stakeholders on an as-needed basis
- Plans and coordinates the development and implementation of improvements in one or more cyber intelligence areas of responsibility
- Leads the research, development and implementation of initiatives to meet priority security objectives, security analytic products, data collection plans or detection capabilities
- Routinely supports cross-team initiatives to help implement cybersecurity improvements
- Provides cyber intelligence training through expert understanding of tactics, techniques, and procedures of cyber threat actors
- Work with the SOC and the Security Assurance team to perform purple and red teaming exercises, document findings and work with accountable teams to address all identified gaps
- Define use/misuse cases for all systems integrated into the SIEM
- Attends industry trade shows and networking events to expand body of knowledge
- Required: Bachelor's degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis, or a domain related field or an equivalent combination of education and work experience
- Preferred: Master's degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis or a domain related field or an equivalent combination of education and work experience.
- Required: Typically requires 5+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 3 years' experience in computer network defense, computer network exploitation, incident response, computer forensics, malware reversing, or cyber intelligence; experience in relevant computer network defense discipline.
- Preferred: Typically requires 8+ years of combined IT and/or security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 5 years in relevant computer network defense, computer network exploitation, incident response, computer forensics, malware reversing, cyber intelligence or engineering principles discipline.
- Minimum professional certifications: any or all of the following: CISSP, CEH, CCSP, GCIH, ECIH, FOR578
Jobweb Ghana