IT security Officer
About the position
Work closely with the IT infrastructure team to implement, support, maintain and administer the IT security solutions that include databases, applications, network, and infrastructure security controls and platforms.
Responsibilities
- To ensure that all IT applications, systems, equipment, and network security platforms are regularly upgraded.
- To conduct investigation and report on any IT security breaches and put in place the relevant mitigation actions.
- Assist in performing Business Impact Analysis on security posture.
- Prepare and provide periodic IT Security status reports on daily, weekly, monthly as per the security plans.
- Participate in developing, updating, communicating, and publishing the Information Security Policy other operational security policies.
- Assist the head of ICT in the development of security strategies and programs.
- To be the central point, liaison and contact for all IT security issues.
- To ensure third party and external partners and suppliers accessing the IT environment strictly adhere to their contractual agreements and responsibilities like non-disclosure agreements and third-party minimum-security posture.
- To closely monitored all activities of third-party partners including not limited to changes, updates, access approaches and movements and assess for impact on all security aspects, including information security policy and controls.
- IT Information assets identification and classification then facilitate necessary technological controls and protections required for each asset class.
- To perform security risk analysis and risk management in coordination with Risk and IS audit functions.
- Identify and recommend various security solutions options for reducing IT security risks within the Company.
- Promote awareness of IT security across the Company through but not limited to one-on-one training, IT security circulars, online awareness sessions etc.
- Perform and coordinate security tests like network vulnerability tests, social engineering testing etc.
- Ensure correct IT access level that are based on least privilege and need to know principles and monitor IT access for compliance to the Company’s policies
- Working closely with IT infrastructure to develop, improve and regularly test the Company’s Disaster Recovery and data backup environments and plans.
- Actively monitor IT network (LAN/WAN) to identify issues and threats and prevention of incidents that may adversely impact confidentiality, availability, and integrity of company’s data, information, and IT environment.
- Ensure the security of the Company’s infrastructure network including servers (e-mail, print, and backup servers), and other IT infrastructure.
- Any other responsibilities that may be assigned to the job holder by the supervisor from time to time.
Qualifications
- Bachelor’s Degree from a recognized university in Bachelor of Information technology (BSc IT) Computer science or related.
- Professional ICT qualifications such CISA, CISSP, CISM, CRISC is an added advantage.
Experience
- Minimum of 2 years’ IT Security experience.
- Strong knowledge of Information Security concepts including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment, Third Party IS Assessment, Secure Configurations, Patch Management, etc.
- Thorough understanding of fundamental security related frameworks and network concepts.
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations will be an added advantage.
- Knowledge and experience on Tenable.io and NIST framework added advantage.
- Results oriented, can achieve desired outcomes independently and at appropriate priority levels.
- Highly motivated and energetic with ability to multi-task effectively.
- Ability to complete projects and perform daily tasks with minimal supervision.
- Ability to set and meet deadlines.
- Strong interpersonal skills.
- Keen attention to detail.
- Proven analytical and problem-solving abilities.
Join us
If you meet the above minimum requirements, send your c.v to careers@gakenya.com indicate the position applied for on the email subject line to be received on or before 31st August 2022. Only shortlisted candidates will be contacted.