Specialist, Incident Response

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

As a Specialist Incident Response Analyst, you will play a central role in detecting, investigating, and responding to cyber incidents in a non-tiered SOC environment. You will own incidents end-to-end from triage through containment and recovery while applying an adversarial mindset to anticipate attacker behaviour. Alongside technical response, you will contribute to policy improvement, coaching, and industry engagement, ensuring the bank’s response capability matures continuously. This role includes after-hours standby as part of an on-call rotation.

• A degree Information Technology is required.
• IT Risk/security certification such as CISM, CISSP or CISA, GCIA, GCIH, OSCP  is required. 
•  AWS/Azure Cloud Certifications.

Experience Required:

• 5-7 years experience in IT Security, preferably in a Financial Institution, with noted experience in developing threat models, threat analysis, cyber and incident management, offensive security, high level static and dynamic malware analysis.
• 5-7 years experience in strong IT understanding, gaining insight into digital and platform operating models and cyber security trends and solutions.
• Strong experience in incident management, threat modelling, malware analysis, and offensive security techniques.
• Broad IT systems knowledge and awareness of digital platform operating 
  models.

Key Responsibilities:

• Detect & Investigate: Analyse alerts from SIEM, EDR, and threat intelligence sources; distinguish true vs false positives.
• Contain & Remediate: Lead active incidents through containment, eradication, and recovery actions.
• Threat Hunting: Proactively search for adversary activity using attacker TTPs and threat intel.
•  Malware & Phishing Triage: Perform static/dynamic malware analysis and investigate phishing campaigns.
• Offensive Security Awareness: Apply penetration testing/red team knowledge to strengthen detection and response.
• Forensic Support: Collect and analyse logs, endpoint, and network artifacts for root cause analysis.
• On-Call Duties: Provide after-hours escalation support on a rotational basis.
• Documentation & Reporting: Produce incident reports, lessons learned, and contribute to playbook improvements.

Behavioural Competencies:

• Articulating Information
• Checking Things
• Directing People
• Documenting Facts
• Embracing Change
• Examining Information
• Interpreting Data
• Making Decisions
• Producing Output
• Providing Insights
• Taking Action
• Team Working

Technical Competencies:

• Data Analysis
• Diagramming and Modelling
• Documenting
• Information Security
• IT Knowledge
• IT Systems
• Research & Information Gathering