Cybersecurity Analyst I

1. Security Monitoring

• Continuously monitor security alerts and events from sources like Microsoft Sentinel, Defender for Endpoint, and Defender for Cloud.
• Perform log management: ingestion, use case definition, and alert creation for critical assets.
• Develop detection rules: create, implement, and fine-tune analytical rules, alerts, and queries to detect security incidents and reduce false positives.
• Leverage user and entity behaviour analytics (UEBA) to identify abnormal activities and improve detection.
• Develop and customize automation playbooks in Sentinel and Defender to streamline incident response.
• Perform threat hunting using IOCs and threat intelligence across the environment.

• Analyze and investigate security incidents to identify threats.
• Respond promptly, conduct initial analysis, assess business impact, isolate, eradicate, and recover from threats.
• Document and report incidents accurately and comprehensively.
• Follow and contribute to incident response procedures and playbooks.

• Participate in Blue/Red/Purple team exercises.
• Engage in cyber crisis simulations and tabletop exercises.

• Understand the business value chain and key processes.
• Map business architecture to critical assets (crown jewels).
• Conduct risk assessments as needed.

• Manage and maintain endpoint security and compliance.
• Perform daily health checks and remediate issues.
• Conduct regular vulnerability scans and collaborate with IT on security configurations.

• 1-3 years of experience in a SOC or cybersecurity role.
• Preferred experience with Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, and related technologies.
• Experience with Windows, VMware, Cisco, UNIX, Linux.
• Knowledge of security tools such as WAF, Proxy, DNS, IDS, firewalls, anti-virus, DLP, IAM, MFA, NAC.
• Understanding of Cloud Security Operations, Mobile Architecture, Network and Application Security.

• Excellent communication skills in English, both written and verbal.
• Teamwork and willingness to share knowledge.
• Effective time management under pressure.
• Strong reporting skills and stress management.
• Passion for learning and proactive problem-solving.

• Action-oriented, effective communication, courageous, and decisive.
• Accountable, able to manage complexity, and strategic in planning.
• Tech-savvy and adaptable to new technologies.

Preference will be given to candidates from designated groups as per the Employment Equity Act.

About Us: TFG is a diversified retail portfolio committed to inspiring customers and creating remarkable omnichannel experiences. Join us to grow and make an industry impact.

About The Team: Our IT team manages technological systems and infrastructure, selecting future-fit solutions to meet strategic objectives, ensuring adaptability, scalability, and risk mitigation.