Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Mar 24, 2020
    Deadline: Mar 31, 2020
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Safaricom is the leading provider of converged communication solutions in Kenya. In addition to providing a broad range of first-class products and services for Telephony, Broadband Internet and Financial services, Safaricom seeks to uplift the welfare of Kenyans through value-added services and support for community projects.
    Read more about this company

     

    Principal Systems Auditor - Financial Systems and Information Security

    Description

    We are pleased to announce the subject career opportunity within the CEO’s Office under Internal Audit. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below.

    Detailed Role Description

    Reporting to the Senior Manager – Networks and M-PESA Audits the position holder will be responsible for for leading, planning, performing and documenting Cyber/IT Security reviews and advisory assignments as well as audits of Financial Services Systems in accordance with the internal audit plan. These audits shall include but not be limited to Vulnerability Assessments, Penetration testing, audits of Mobile Money systems and Pre/ Post-Implementation reviews.

     

    The position holder will also be responsible for supporting strategic business initiatives by advocating and enhancing the risk and control environment, and when appropriate, engaging, managing and reviewing the work of external consultants/advisors.

    Job Responsibilities

    • Participation in the overall development and delivery of the audit plan
    • Review of the mobile money systems from a technical standpoint to provide assurance on the adequacy of controls are adequate to mitigate and/or manage the technology risk to acceptable levels
    • Review of security controls around key network elements (BSS, MSC, HLR/AUC, IN, NGN, GGSN/SGSN)
    • Prepare deliverables/reports for senior management that include thematic issues, trends and other micro/macro level risks identified through the execution of IT audits within the Financial Services space
    • Serve as an on-going subject matter expert in the area of information security controls and technologies
    • Present, discuss and follow-up on audit recommendations with management
    • Delivery of continuous information security assessments and penetration testing.
    • Articulation of security risk exposure to various stakeholders.
    • Review security control frameworks/guidelines to ensure consistent application of security controls
    • Review procedures for investigating and closure of technology security incidents in line with industry best practices
    • Keep abreast with the latest technology security trends and provide input to mitigate emerging threats

    Qualifications

    • Degree in Computer Science, IT, Business Information Systems (or related technical / business field) from a recognized university.
    • 5-7 years working experience in information systems and cyber security assurance
    • Demonstrated deep interest in IT Security and broad IT expertise coupled with good understanding of financial services and impacting laws and regulation
    • Strong working knowledge of penetration testing tools and methodologies including but not limited to Application Security, Database Security, Web services security, Network Security, Mobile Security and VAS systems security
    • Knowledge of common IT and networking technologies (operating systems, relational databases, network/mobile technologies) including Oracle or MS SQL databases, Unix / Linux / Windows etc.
    • Detailed understanding of frameworks, principles, practices, and techniques related to IT Security
    • Holder of Certified Information Systems Auditor (CISA) or equivalent
    • Security qualification (CISSP or CISM or other information security certification)
    • Experience in use of CAATs a must
    • Strong relationship, communication and stakeholder management skills
    • Ability to evaluate risks, articulate issues, develop consensus, raise awareness and recommend practical solutions
    • Strong Written and Verbal language skills
    • Ability to initiate and build effective stakeholder relationships
    • The ability to work under pressure and be resilient and tenacious to get results

    Note to Applicants

    As part of our recruitment process we will request the below documentation which will be required as soft copies at a later stage of the process.

    • An updated CV with a confirmation of three referees- 2 must be professional and must have supervised you at some point, the other referee can be a colleague in the same professional field. If the referees are within the same organization that you are working with, you will need to confirm to us that it’s okay to contact them in writing (via email). This also includes all references within the Human Resources department.
    • Scanned copy of certificate of good conduct from the CID (Less than 1 year old) - Applicable to Kenyans Only
    • Scanned copy of certificate from Credit Reference Bureau (CRB) – Applicable to Kenyans Only
    • Scanned copy of University Certificate or letter from the University requesting for internship
    • Scanned copy of your National ID / Passport-Legal Form of Identification

    Method of Application

    Interested and qualified? Go to Safaricom Kenya on safaricom.taleo.net to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Safaricom Kenya Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail