Information Systems Security Administrator at National Bank of Kenya

Main Duties & Responsibilities

• Administration of the banks security solutions including firewalls, IPS/IDS/ VPN’s, Security Information and Events Management (SIEM), antivirus, network admission systems, data leakage prevention solutions among other solutions.
• Monitor and report on the performance of network, system and application security solutions to highlight areas of non-compliance and inform the development of improved practices and processes
• Manage the allocation of system privileged of users to ensure appropriate security setting are applied in accordance with organisation policies and application owner defined parameters
• Assist with security breach investigations to guide the refinement of information security policies and practices
• Manage the periodic maintenance of security systems and applications to ensure new threats are identified and managed and the security of the organisation assets are maintained.
• Support end users on complex and technical security issues
• Be a technical lead in development and implementation of project plans, risk assessments and contingency plans for the security solutions
• Identifying risks via analysis of monthly metrics, security assessments, audit reports, regular discussions with the departments; and other means that may be available to ensure that appropriate measures are taken to mitigate exposure.
• Audit and monitoring of internal and external information security infrastructure, including but not limited to Firewalls, Proxy Servers, Anti-Virus, e mail security applications, Network access control applications
• Regular monitoring of user activities through the Security incident and event monitoring application and mitigation of controls.
• Support the implementation of procedural, operational and technical Security Architecture enhancements
• Perform periodic security vulnerability assessment of the ICT infrastructure and process appropriate remediation.
• Monitor data backup and recovery procedures for adequacy; participate in business continuity and disaster recovery tests.
• Mentor / cross train team members on existing and new technologies and integrate and share information with other analysts and other teams within the security team.
• Interact with customers and staff at the technical level, as required and carry out special tasks at management's direction. Ensure uptime and performance service level agreements are achieved monthly.
• Generating weekly status reports on the systems health and any performance issue of the security solutions.
• Perform other tasks and responsibilities as assigned by supervisor.

Position requirements

Academic & Professional Qualification

Essential

• Bachelor’s degree in computer science (or related area) with three to five years’ experience in information security administration and support experience.
• Strong knowledge of information security administration, Windows Server OS, Active Directory, Exchange, IIS, SQL operation and troubleshooting with a minimum of 3‐5 years’experience
• Certifications such as CCNA Security, Checkpoint Certified Professional. CISA, CISM is an added advantage.
• A solid understanding of LAN/WAN networking
• Active Directory Group Policy design and configuration
• Active Directory/LDAP user and group administration
• Strong communication and documentation skills
• Flexible and able to adapt to a rapidly changing environment
• Must be organized and have the ability to manage projects of varying length
• Positive, self-motivated individual who can complete tasks independently
• Forefront of emerging industry practices by engaging in ongoing education and research
• Must be a team player

Desirable

• Experience with information security systems administration in a financial institution.
• Certified Ethical hacking.
• Certifications relating to information security management e.g. CISA, CCSA, CEH
• Experience with other Microsoft technologies including Active Directory, Microsoft Active Sync, Office 365 and cloud computing.

Work Experience & Skills

Essential

• At least two years in information systems security or related experience.
• Solid systems security exposure and proficiency in at least two Operating Systems (Windows, Linux preferred).
• 3+ years' experience as a Security/Network Administrator or equivalent knowledge
• Strong troubleshooting skills of complex system problems.
• Strong analytical skills in threat, vulnerability, and intrusion detection analysis.
• Excellent verbal and written communication skills.
• Highly disciplined, motivated and able to work independently and as a team.
• Must be willing to periodically work non-standard hours and be on call.

Desirable

Experience gained in Banking, financial or telecommunication industry.

Information security – Ability to oversee information security, understand  best practices and techniques to maintain and enhance information security

Analytical skills – Ability to interpret error logs, monitor system performance data, and assess user information to ensure server reliability.

Communication skills –Effective written and verbal communication skills

Problem-solving– Ability to employ creative and technical problem-solving techniques in his day to day work.