TDR Lead
ZAR 745K-1000K (estimate) | Senior-level | Full Time
Tasks
- Automate alert filtering and notifications
- Build and maintain threat detection runbooks
- Contain complex attack chains
- Develop new threat detection rules
- Generate and present managed service reports
- Ingest and enrich telemetry for threat detection
- Integrate new log sources
- Investigate and respond to security alerts
- Monitor CloudWatch metrics and adjust AWS configurations
- Monitor OpenSearch metrics and modify index configurations
- Onboard new clients to TDR and ASM platforms
- Tune threat detection rules to reduce false positives
- Use MITRE ATT&CK techniques to detect IOCs and TTPs
- Validate security exposures with penetration testing
Perks/Benefits
- Career growth
- Collaborative, fast-paced team
- Mentorship
- Security conference attendance
- Training programs
Skills/Tech-stack
AWS CloudWatch | AWS IAM | AWS Lambda | Account takeover | Adversary in the Middle | Amazon EC2 | Amazon Security | Amazon Security Lake | Amazon Web Services | Application Security | Attack surface | Attack surface management | Bash | Business email compromise | Credential Stuffing | DNS | DSL | DevOps | DevSecOps | ES | Endpoint Security | HTTP | Incident Response | Info Stealing Malware | KQL | Linux | MITRE ATT&CK | OpenSearch | Python | QL | Ransomware | SIEM | SQL | Security Lake | Security groups | Server Side | Server Side Request Forgery | TCP/IP | TLS | Threat detection | Web Application | Web Services | Web application security | XSS
Education
N/A