Career Opportunities at Safaricom

DESCRIPTION

We are pleased to announce the following vacancy in the Cyber Security Department within the Corporate Security division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:

Reporting to the Senior Manager – Managed Security Services, the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service for Managed Security Services, performing real-time monitoring and identification of security incidents. He/She will help identify suspicious activity, open incident investigation tickets and escalate any key concerns to Level 2/3 for additional analysis & communication.

Key Responsibilities:

• Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by Safaricom
• Serves as a primary point of contact for reporting potential security incidents
• Validate, classify and open tickets for security incidents
• Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication
• Document security incidents as identified by the case management process
• Provide feedback on enhancing the operations of the cyber security operations Centre
• Respond to generated security alerts within the time window as defined in procedural SLAs
• Pick out potential intrusions from seemingly benign sets of audit logs or security alerts
• Triage (primary investigation) of detected security alerts and make necessary escalation decisions
• Escalation to appropriate teams, follow ups and provide assistance during remediation

QUALIFICATIONS

• Bachelor’s degree in Electrical Engineering/Computer Science/IT Security/Information Technology
• Minimum of 1 year System Security experience – in Penetration Testing and Vulnerability Assessments, IDS/Firewalls/VPN administration, Content Filters, Security Scanning tools, Network and Systems Administration.
• Minimum of 1 year focused Security experience in Incident Management/Intrusion Analysis/Reverse Engineering. Knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
• Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
• Experience with Microsoft Windows and *NIX operating systems is required.
• Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and Firewalls is an added advantage
• Working knowledge of these technologies or domains will be an added advantage: Cloud Technologies (Cisco UCS, EMC and VMware), CMS (Joomla, Wordpress and PHPBB), Apache, PHP, cPanel and ModSecurity.
• Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL is an added advantage
• Good communication and presentations skills are required
• Enthusiasm, curiosity, thirst for knowledge and passion for the job is required

go to method of application »

Reporting to the Product Owners in the respective Business Units, the position holder will be required to develop and publish enterprise solutions using best practice and new technologies including but not limited to web technologies for integration, mobile app, cloud solutions, data and source management adopting Agile in DevOps and team delivery.

Key Responsibilities

• Sound and Quality Delivery – develop, test and document APIs as allocated by the team leader. This includes preparing for CAB sessions, deployment and post go live support for APIs candidate for production promotion
• Design – assist in low level design preparation and validation of high level design as shared by the solution architect
• Analysis – participate in analysis sessions for user stories and requirements and ensure complete user requirements are captured and agreed on
• Research on new fit for future technologies and actively implement the viable solutions
• Understanding of Microservices architectures 
• Experience with Java technologies and frameworks mainly Spring and Hibernate.
• Experience in containerization platforms like Kubernetes,docker-swarms or RedHat openshift
• Demonstrate strong design and programming skills using and developing RESTful APIs using JAX-RS, JSON , Web Services, XML, XSLT, PL/SQL in UNIX and Windows environments
• Strong collaboration and communication skills within distributed Agile project teams
• Experience with event-based and message-driven distributed system like Apache Kafka ,ActiveMQ,Rabbit MQ or Tibco EMS
• Strong familiarity with web servers and load balancing technologies. 
• Experience in use of source code management systems like SVN or GIT and build tools like ant, maven, Gradle or make. 

QUALIFICATIONS

1. IT, Engineering, Computer Science/Software Engineering/IT Degree.
2. Extensive programming experience using Java J2EE, Spring, Spring boot, SQL, JMS /C++/C# .
3. Extensive experience with databases – data structures, relational data model, Stored Procedures, PL/SQL development or NoSQL DBs.
4. Extensive experience of web services/technologies - REST/JSON, WSDL, XML, JavaScript;
5. Experience with application security technologies (e.g. SSL) to ensure secure applications.
6. Experience in Agile Development/software life-cycle development (SDLC).
7. Preferred experience with Apache Tomcat application server, Glassfish and SOA.
8. Preferred experience with Linux/AIX OS’s.
9. Hands on with Maven build scripts/ Curie moving to Git Hub
10. Strong Critical thinkers/ work independent