Supervisor – Incidents & Security Surveillance at Kenya Revenue Authority (KRA)

Department: Corporate Support Services

Division:       Information and Communication Technology

Location / Work Station:  Nairobi

Job Summary:      

• The jobholder is responsible for cyber security monitoring of the Authority’s IT infrastructure and business systems for malicious activity and/or active threats. The role also involves responding to security incidents including containment, eradication and recovery in the 24/7 Security Operations Centre (SOC).

Key Responsibilities:       

• Monitoring security events from all KRA applications, servers, workstations and the entire KRA network to ensure timely and effective identification of anomalies/potential threats.
• Identify cyber-attacks targeted to the KRA network and systems, advise and block cyber attacks
• Investigate active threats, and continuously research and recommend suitable solutions to further secure, and safeguard company systems and assets.
• Perform deep-dive incident analysis by correlating data from various sources. Generate/Review event analysis reports of incident investigations
• Determines if a critical system or data set has been impacted and advises on remediation.
• Stay abreast of the information security threat environment, risk trends and technology developments related to your expertise.
• Provide actionable strategic, technical, and tactical cyber information and intelligence to management through reports, briefings, and presentations
• Monitor and gather threat intelligence from the deep web and dark web for potential threats and incidents, and analyze such threats and risks and recommend appropriate mitigating measures.
• Triaging of detected attacks and event escalation to management
• Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.
• Escalates cyber security events according to the Authority’s Cyber Security Incident Response Plan
• Conduct vulnerability assessment and patching of the identified patches
• Continuous diagnostics and mitigation of identified threats
• Review of privilege accounts to identified any internal threats.
• Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.

Academic Qualifications 

• Bachelor’s degree in Computer Science or IT related field.

Professional Qualification         

• Must have at least one of the following certifications or trainings in CEH/CHFI/ECIH/CISSP or in relevant  information security solutions certification, or incidents response

Relevant Work Experience        

• At least 3 years related information security work experience as an officer or a similar role.

Technical Skills

• Required Experience in cyber security threat Analysis
• Experience in incident management
• Computer forensics and analysis skills
• Experience in security tests or vulnerability management
• Penetration testing skills
• Research skills
• Experience in cyber security operations(SOC/CIRT)

Key Competencies:        

• Ability to work long hours including night shifts
• Analytical mind with problem-solving aptitude
• Excellent listening, communication and presentation skills
• Reliable and thorough with a deep commitment to accuracy
• Self-motivated and able to work independently
• A team player
• Ability to prioritize competing work commitments and deliver on time