Specialist; Technology Security at Safaricom Kenya

Description

We are pleased to announce the following vacancy in the Corporate Security Division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:

Reporting to the Senior Manager – Corporate Security, the role holder is responsible for aggregating critical information on current, new and emerging threats to determine potential impact on Business Systems for immediate remediation and on-going security risk measurement

Key Responsibilities:

• The person in this functional role will need to be knowledgeable in all aspects of design and implementation of complex security infrastructure architectures.
• The role will perform the design and assist in the integration of new projects, and be expected to keep up-to-date with the latest Security trends in (but not necessarily limited to): Authentication & Authorization, Access & Identity Management, Image Hardening, Auditing, Encryption and DevOps.
• Champion research and development (R&D) efforts in the Technology Security space, thus channeling input into the Security Strategy & Innovation Roadmap
• Take part in the design and implementation of changes to the Systems Security components as needed by Technology Division.
• Lead specialist forensic investigations and information security event analysis
• Provide thought leadership in implementing hacker detection techniques
• Lead efforts in re-engineering current processes & procedures with a view to reduce Security Opex costs
• Ensure the delivery of secure-by-default designs and provide input into the products & services development lifecycle
• Provide training, knowledge, general advice and capacity building within the enterprise on topics related to Technology Security

Qualifications

• Bachelor’s Degree in Electrical Eng./Computer Science/Technology Management (or equivalent) from a recognized university;
• Minimum of 4 years System Security experience – in Penetration Testing and Vulnerability Assessments, IDS/Firewalls/VPN administration, Content Filters, Security Scanning tools, Network and Systems Administration.
• Minimum of 1-year focused Security experience in Incident Management/Intrusion Analysis/Reverse Engineering.
• At least one professional Information Security Qualification: CISM/CISA/CISSP/CEH/CCSP
• Advanced Networking Competencies: CCNA/CCNP
• Proven hands-on experience in Microsoft & *nix Operating Systems
• Experience in the use of vulnerability assessment tools
• Proven experience in Cloud Technologies: Cisco UCS, EMC and VMware
• Broad familiarity with Security Technologies within other disciplines is a definite bonus
• Familiarity with Information Security Management Systems and Standards (ISO 27001, PCI-DSS, etc.)
• Working knowledge of these technologies or domains will be an added advantage: Cloud Technologies (Cisco UCS, EMC and VMware), CMS (Joomla, Wordpress and PHPBB), Apache, PHP, cPanel and ModSecurity