The Cybersecurity Specialist for Threat Hunting and Intelligence is responsible for researching, collecting, and analyzing threat reporting feeds to provide actionable cyber threat intelligence. The role involves identifying and evicting advanced cyber threats from the bank's ecosystems, whether on-premise or in the Cloud, and detecting novel vulnerabilities to mitigate cybersecurity risk before impact.
Key Responsibilities
- Research, collect, coalesce, and analyse open source and proprietary threat reporting feeds to provide applicable and actionable cyber threat intelligence.
- Continuously identify, analyse, pursue, and evict (“hunt”) advanced cyber threats from the bank’s technological ecosystems, whether on premise or in the Cloud.
- Provide a forward-looking view of the cyber threat landscape as it relates to the financial sector, predicting shifts in adversarial intent, goals, and strategic objectives.
- Maintain meticulous documentation of cyber threats, threat vectors, threat actors, and threat trends, tactics, techniques and procedures for consumption during threat modelling activities and security incidents.
- Build and leverage relationships with both internal and external peers from public and private sector organizations.
- Develop, effect, and continuously refine threat hunting and threat intelligence frameworks.
- Collaborate with the wider Cybersecurity Intelligence Security Operations Centre (CISOC), SOC Engineering, and Group Cybersecurity (GCS) technical teams to gain and give insight into threat models and security architectures.
- Give input to security awareness training and education programs based on the outcomes of threat hunting and threat intelligence exercises.
- Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and trends.
- Deliver timely, relevant, and actionable intelligence and recommendations through threat hunting and threat intelligence reports, briefings, and threat assessments to stakeholders.
Daily Responsibilities
- Monitor the surface, deep, and dark Web using a diverse toolset to track threat actors, IOCs, and other cybersecurity risks.
- Administer, configure, and continuously improve advanced cyber threat hunting and threat intelligence platforms.
- Continuously conduct threat hunts based on predefined hypotheses.
- Provide periodic threat hunting and threat intelligence updates to the CISOC, GCS management, and executive leadership.
- Furnish expertise to the CISOC in handling and remediating security incidents.
Minimum Qualifications and Requirements
- A Bachelor's degree in IT, Computer Science, Telecommunications, Engineering (Electrical or Electronic), or a related field from a recognized university.
- Must possess at least 2 security certifications from the following list: CSA, CEH, E|CIH, GCIA, GCIH, GCFA, GREM, CISA, CISSP, CISM, or Security+.
- Must possess a Certified Information Systems Auditor (CISA) certification.
- A minimum of 5 years’ work experience in Information Technology.
- At least 3 years’ experience in Information/Cyber Security.
- At least 2 years' experience in Security Operations Centre/Security Monitoring/Endpoint Detection and Response/Network Detection and Response.
- Experience in Security Tools Administration (SIEM, DAM, WAF, etc.) or Incident Response and Management is desired.
- Experience working in the financial services industry and in a complex technological environment is desired.
How to Apply
Interested and qualified candidates should apply online through the KCB Bank recruitment portal hosted on Oracle Cloud. Access the application link here.