Incidence Response and Forensics Manager at Equity Bank Kenya

Job description

Reporting to the General Manager - IT Security, the ideal candidate will be tasked with responding to cyber threats targeting the Bank’s systems, applications, infrastructure, services, information, and users.

Key duties and responsibilities will include:

• Providing subject matter expertise, implementing processes, capabilities, and techniques for incident response and forensic analysis.
• Running and operating the inhouse Forensics lab.
• Formulating CRIERT policies and procedures as well as operationalizing and ensuring compliance.
• Responding to security incidents escalated from all business units.
• Performing triage and analysis on workstations, servers, mobile devices, cloud platforms, and network infrastructure.
• Performing forensic acquisitions of systems, memory, and volatile data using forensically sound practices.
• Identifying malware using memory analysis, live forensics, and hard drive forensics.
• Performing malware analysis through peer collaboration, sandboxed analysis, and reverse engineering.
• Identifying key Indicators of Compromise (IOCs) from new or unknown malware and developing rules and signatures for detection.
• Directly contributing to active threat hunting programs and security monitoring using cases.
• Contributing to the strategic direction for response and analysis capabilities at the Bank.
• Identifying and documenting lessons learned from incidents, participating in remediation requirements definition.
• 
  Required Qualifications and Experience
• Bachelor’s degree or equivalent experience, Master’s degree desirable
• Security certifications such as GCIH, GCFE, GCFA, GREM, GNFA, GASF, CISSP.
• Experience in an enterprise cloud environment.
• 4 years of experience in incident response, forensic analysis, and malware research.
• Experience leading response to advanced threats, investigations, incident analysis, and training and awareness for large enterprises.
• Possession a solid understanding of threat analysis and incident response practices and methodologies.
• Extensive experience with memory forensic analysis using industry standard tools (Encase, X-Ways, FTK, Volatility, Mandiant Redline, RegRipper, FTK Imager).
• Experience with cloud computing and security issues related to cloud environments.
• Experience with forensic analysis on cloud platforms (Amazon Web Services, Microsoft Azure, Google Cloud Platform).
• Authoritative technical knowledge of Internet security and networking protocols.
• Strong knowledge of Windows, Linux, and OSX operating systems.
• Scripting skills such as Python, Perl, Shell, Bash.

Desired Skills

• Prior experience with leading and managing a team.
• Should possess strong analytical skills and ability to identify advanced threats.
• Ability to communicate effectively at all levels within the Bank.
• Ability to collaborate effectively as part of a team and work independently with minimal supervision.
• Self-motivated, collaborative, and detail oriented.
• Ability to prioritize projects and operational workload.
• Excellent written and verbal communications.