• jobs
  • 1 week ago

jobs description

Package & Remuneration


Key Responsibilities:

Security Monitoring
• Perform log ingestion, define use cases, and create alerts for critical assets.
• Perform daily SIEM health checks and remediate accordingly.
• Monitor security alerts and events using various tools and technologies.
• Analyze and investigate security incidents to identify potential threats.
• Collaborate with team members to develop and implement effective monitoring strategies.
• Using IOCs and threat intelligence, perform threat hunting across environment.

Incident Response
• Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradiate and recovery from threats.
• Document and report incidents, ensuring accurate and comprehensive records.
• Follow established incident response procedures, playbooks and contribute to their enhancement.

EndPoint Protection
• Manage and maintain endpoint security and EDR solutions.
• Perform daily health... checks endpoint security and EDR solutions and remediate accordingly.
• Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
• Work with IT teams to ensure endpoint security configurations align with organizational standards.

Vulnerability Management
• Assist in the identification and prioritization of vulnerabilities within the organization's infrastructure.
• Collaborate with system owners and IT teams to remediate identified vulnerabilities.
• Stay informed about the latest security threats and vulnerabilities.

Email Security
• Monitor and analyze email traffic for potential security threats.
• Respond to and mitigate email-borne security incidents.
• Work with email security solutions to enhance protection against phishing and malware attacks.

Qualifications and Experience:
• Relevant degree or advanced diploma in Computer Science, Information Systems, Business or related field, or equivalent combination of education/experience.
• One or more certifications in: EC-Council SOC, Security+, AWS Certifications, Microsoft Certifications, Google Certifications
• Must have 3-6 years' experience in a Cybersecurity related role.
• Practical experience with system monitoring SIEM, assessment, and reporting tools (ArcSight, IBM QRadar, Splunk, Sentinel, Exabeam, SIEMonster, AlientVault etc.)
• Practical experience with EDR and XDR tools.
• Proficiency in network security, operating systems, and security technologies.
• Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).
• Experience with Vulnerability and Malware Analysis (threat and attack analysis).
• Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, etc.).
• Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection
• Technology experience to be considered; Security+; Microsoft Security Certifications (MS-SC200); Azure Certifications, Recognised SOC certification

• Ability to work in independent environments under aggressive timelines.
• Ability to develop and maintain working relationships in a global environment.
• Excellent analytical and problem- solving skills
• Outstanding written skills for preparing reports and briefings.

• Communicates Effectively - conveys information and communicates ideas in a clear, concise and impactful manner
• Decision Quality - consistently makes timely, well-rounded and informed decisions
• Ensures Accountability - takes accountability and ensures others are held to account on agreed upon performance targets
• Manages Complexity - interprets and simplifies complex and contradictory information when resolving organisational problems
• Tech Savvy - leverages new technology to enhance productivity, improve problem solving, and support business growth

Preference will be given, but not limited to candidates from designated groups in terms of the Employment Equity Act.


Who we are is because of our people. They are our greatest asset. TFG is an internationally diversified retail portfolio of 34 speciality lifestyle and apparel brands that
Inspire our Customers to live their Best Lives and are woven into the lives of millions. Our vision is to create the most remarkable omnichannel experiences for our customers. TFG is more than a workplace, it's a launchpad for your growth. Join us and explore endless growth opportunities across our diverse brands. We're a purpose-led business, and on this team, you'll share the pride of making an impact across a whole industry.

We're the designers, the makers, the shakers and the teams behind the scenes.

Are you with us?


TFG's Information Technology team is responsible for the company's technological systems and the maintenance of its digital and technological infrastructure. By selecting future-fit technology and methodologies, they help the business meet its strategic objectives. They assess our business landscape and our market to ensure adaptability, scalability, expansion, and risk reduction
South Africa


Apply - Cybersecurity Analyst South Africa