Cyber Security Analyst - Forensics and Analytics

Job Roles:

  • Performs digital forensics and data acquisition in line with the Bank’s Information and Cybersecurity Policies while maintaining confidentiality, integrity and availability of data

Functions and Responsibilities:

  • Recover data from computer hard drives and other data storage devices using basic security tools
  • Analyze data and evaluate its relevance to the incident under investigation/analysis
  • Take forensic images of hard drives for lab analysis
  • Document each stage of the investigation and maintain a focus on event logs, repeatability and chain of custody
  • Document digital forensic policies and processes
  • Ensure all documentation, including internal team policies, procedures and process diagrams related to all forensic functions, is accurate and up to date
  • Liaise with the Threat Intelligence and Cyber Incident Response squad on swift identification, prioritization and analysis of computer incidents
  • Incident management and reporting
  • Support a computer forensic lab in a technically secure environment

Job Requirements:

A good first degree in any discipline; a degree in Computer Science, Forensics and Analytics, or a Cybersecurity field will be an advantage

  • Minimum of 2 years in banking / Information Technology with experience in cybersecurity, computer forensics / electronic discovery and incident response.
  • 2 years’ experience performing forensic acquisition and examination of Windows, Unix/Linux and Macintosh-based computers and servers in a corporate enterprise environment, with knowledge of OWASP 10, CEH, CHFI and Forensic Toolkit
  • IT certifications and other professional security qualifications will be an added advantage
  • Collects, assesses and analyzes intelligence reports from multiple sources
  • Understands the overall threat landscape; knowledge of different operational threat environments
  • Basic knowledge of Incident management
  • Malware analysis (static and dynamic), sandboxing, and software reverse engineering
  • Experienced with computer volatile memory analysis
  • Knowledge of operating systems internals and endpoint security experience (Windows)
  • Understanding of evidence handling and chain-of-custody procedures
  • Excellent communication skills to build rapport with stakeholders and colleagues
  • Ability to present both in writing and orally, and to adapt communication style to the audience
  • Programming or scripting language knowledge (Python preferred)
  • Detailed understanding of web vulnerabilities and exploits including SQL injection, cross-site scripting