Cyber Defense Operations Center - Cyber Security

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

What You'll Bring:

This role will focus on proactive monitoring, responsible for analyzing events across all TU environments and its entities. As a 24/7 team, Security Analysts work shifts which may include nights and weekends. The role is a key part of our global information security team, involving daily interaction with multiple security teams and business stake holders.
This is a growing team and this position will have a significant role in shaping it.

Responsibilities:

Technical Analyst for SOC monitoring and response efforts leveraging threat intelligence, forensics and automation capabilities

Contribute to process and procedure enhancement.

Support Compliance and Governance requests

Participation in emergency on-call rotation escalated up from 24 x 7 SOC monitoring

Impact You'll Make:

Requirements

Relevant certifications and background

Overall 3 to 5 years of experience in SOC monitoring (identifying, investigating and responding to complex attacks)

Relevant experience with investigative technologies such as SIEM(preferably Splunk), packet capture analysis and Memory analysis tools

Knowledge of email security threats and security controls, including experience analyzing email headers.

Understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP.

Strong written and verbal communication skills to engage with other Cyber teams and company employees on Cyber investigations and escalations

Strong understanding of threat landscape in terms of the tools, tactics, and techniques of Threats employing both commodity and custom Malware

Familiarity with system administration and security controls on Windows, Linux and Mac OS

Exposure In writing playbooks, runbooks and defining use-cases will be an asset.

Willingness to learn and zeal to perform will be a key factor

Hands-on experience with end-point security tools such as Netskope, Microsoft Defender, Tanium, CrowdStrike etc…

Knowledge on Cloud security fundamentals

For positions based in South Africa, preference will be given to suitably qualified candidates from designated groups in line with the company's Employment Equity plan and targets.

Should you have not heard from us within 3 weeks from applying, please regard your application as unsuccessful.

Please note it is a requirement of the Global Capability Centre Africa that you reside in a home that is fibre ready; and has space for you to be able to work comfortably and confidentially on a day-to-day basis for the purpose of your proposed employment. You can be based anywhere in South Africa that has fibre, but will not be able to work in a location outside of South Africa.

A Minimum of a 100 Meg Fibre line is required, should you be successful, you will need to upgrade your line or install fibre in order to work effectively.

Please note that being a credit bureau, some positions require a clear credit record.

#LI-Remote

TransUnion Job Title