Systems Security Analyst IV - 4 Posts at Kenya Power

 Job Ref: HR: KP1/5B.2/1/3/1224

The specific tasks will entail:-

• Work with database administrators, systems developers and application owners to review and implement security controls to mitigate system security threats/risks throughout the system/program life cycle.
• Identify security control gaps in systems development, acquisition and maintenance to ensure that threats are properly identified, analyzed and mitigated.
• Participate in investigations on computer security compromises, incidents, or problems and recommend corrective actions.
• Review application, system and database logs and audit trails to identify violation to procedures and processes.
• Research on emerging threats and vulnerabilities in information security to gain awareness of the latest information security technologies and developments.
• Review version, patch management procedures and practices in all systems, and where necessary develop and implement measures to improve the same.
• Automate and enhance monitoring of business applications, databases and systems, including user and process activities. 
• Develop security and productivity-enhancing improvements and innovation.
• Coordinate security measures for information systems to regulate access to system data and information to prevent unauthorized modification, destruction, or disclosure of information.
• Promote security awareness to ensure system security and to improve server and network efficiency.
• Consult with users on data and information access and processing needs, to mitigate against security violations, and programming changes.
• Recommend modification or update audit monitoring systems and solutions to incorporate new applications, databases and systems, or change individual access status
• Coordinate execution of implementation plan of system changes/upgrade between IT, user departments and outside vendors to alleviate security violations
• Perform risk assessments to identify violation or vulnerabilities to procedures and execute tests on applications to ensure that data availability, confidentiality and integrity is maintained and as well guarantee compliance to standards and process activities and advise/recommend corrective action.
• Maintain access management reports and processes to identify access events, exceptions, or trends which require investigation, remediation, or mitigation
• Contribute to the information security planning, assessments, risk analysis, risk management, certification and awareness activities for system operations.

Interested applicants must possess the following;-

Job Specifications

• Bachelor of Science Degree in Computer Science, Information Technology, Electrical & Electronics Engineering or related field from a recognized Institution.
• Possess of Information Security Certification from a recognized institution will be an added advantage
• Experience and knowledge in Network, Operating Systems and Database Security will be an added advantage

Technical Capabilities & Key Competencies

1. Experience in System vulnerability checks and threats analysis including penetration testing.
2. Proficiency in computer applications as in Serve Systems administration, Database Servers, Programming and Systems analysis.
3. Understanding best practices in systems security and controls. 
4. Good project management skills.
5. Excellent planning, presentation, evaluation skills
6. Creativity and innovation
7. Drive for results and achievement
8. Insightful, proactive and future focused
9. Demonstrates high level of integrity