Officer – Cyber Security Surveillance at Kenya Revenue Authority (KRA)

Job Summary:     

The job holder is responsible for carrying out cyber security monitoring of the Authority’s IT infrastructure and business systems for malicious activity and/or active threats. The role also involves responding to security incidents including containment, eradication and recovery in the 24/7 Security Operations Centre (SOC).

Key Responsibilities:

• Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate potential (or active) threats, intrusions, and/or compromises in the 24/7 SOC.
• Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and distinguish these incidents and events from benign activities.
• Identify cyber-attacks targeted to the KRA network and systems, advise and block cyber attacks
• Triage and investigate active threats, security breaches and other cyber security incidents.
• Perform deep-dive incident analysis by correlating data from various sources. Generate/Review event analysis reports of incident investigations
• Escalates cyber security events according to the Authority’s Cyber Security Incident Response Plan
• Monitor and gather threat intelligence from the deep web and dark web for potential threats and incidents, and analyze such threats and risks and recommend appropriate mitigating measures.
• Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.

Academic Qualifications

Bachelor’s degree in Computer Science or IT related field.

Professional Qualification     

Must have at least one of the following certifications or training in CEH/CHFI/ECIH/CISSP or in relevant  information security solutions certification, or incidents response

Relevant Work Experience  

At least one (1) year related IT security work experience in a large or busy organization.

Technical Skills Required

• Experience in cyber security threat Analysis
• Experience in incident management
• Experience in digital forensics and malware analysis
• Experience in security tests or vulnerability management
• Penetration testing skills
• Research skills
• Experience in cyber security operations(SOC/CIRT)

Key Competencies:

1. Ability to work long hours including night shifts
2. Analytical mind with problem-solving aptitude
3. Excellent listening, communication and presentation skills
4. Reliable and thorough with a deep commitment to accuracy
5. Self-motivated and able to work independently
6. A team player
7. Ability to prioritize competing work commitments and deliver on time