Careers at Safaricom Kenya

Job Description

Reporting to the Chapter lead, Fraud Investigations, the individual is responsible for carrying out Fraud Investigations, data analysis, Systems Forensic acquisitions & analysis and manage customer fraud related escalations.

Responsibilities

Risk Analysis, and Audit 

• Proactively conduct Fraud Reviews in critical or high fraud risk areas across the business.
• Able to develop workflows for new and existing data.
• Highly proficient in data analysis using multiple toolsets.
• Can develop audience specific insights using presentation tools
• Can develop standard monitoring reports to monitor KPI performance
• Can engage internal and external partners to review and present insights

Forensic reviews and Investigations

• Able to conduct and manage fraud investigations of cases assigned.
• Able to identify links between objects, events, people and location using link analysis methods to develop evidence flow.
• Able to prepare planned and Adhoc reports on insights arising out of investigations done.
• Able to represent Safaricom before court on fraud related matters.
• Can propose recommendations to improve control weaknesses identified during investigations.
• Understands and utilizes Chain of custody principles while handling evidence
• Able to conduct forensic acquisition and storage of electronic evidence from electronic devices.
• Able to conduct analysis and reporting of electronic evidence.
• Can report to law enforcement agencies, cases of staff engaged in Fraud against customers and/or Safaricom.
• Able to engage and guide law enforcement agencies with relevant legally acceptable information to apprehend and prosecute suspects.
• Able to create and maintain a robust and risk-based intelligence-gathering network in all areas of business.

Data analytics and Mining

• Able to query/mine data from different sources using different scripting tools e.g. SQL, Python etc.
• Able to develop workflows for new and existing data
• Uses a variety of analytical tools to give insights and derive trends for given fraud scenarios
• Ability to carry out second level analysis on emerging fraud trends
• Highly proficient in data analysis using multiple toolsets.
• Can develop audience specific insights using presentation tools
• Can develop standard monitoring reports to monitor KPI performance
• Can engage internal and external partners to review and present insights.

Automation, reporting and tooling

• Understanding of fraud risk landscape for GSM/MPESA frauds
• Specialized fraud risk knowledge in one specific business area
• Ability to engage different stakeholders required in automation journey
• Can identify opportunities in collaboration with Stakeholders to minimize manual handshakes of data and reports
• Ability to design practical automated solutions.

Qualifications

• Minimum education qualifications required - Bachelor's degree in a Business or Computing related discipline
• Good working knowledge of Agile methodology ways of working.
• Certification in a fraud related discipline, such as Certified Fraud Examiner (CFE).
• Certification in Digital forensics and/or incident response will be an added advantage.
• Proven hands-on fraud investigations experience in a financial environment for a minimum period of 2 years.
• Knowledgeable in identifying indicators of fraud through data mining and analysis exercises.
• Good knowledge of GSM network business models and processes.
• A conceptual thinker able to work independently.
• Good communication skills - written and verbal - to succinctly present findings and communicate with a variety business partners

go to method of application »

Detailed Description

Reporting to the Database Administration manager planning, the position holder will be responsible for Administration, Performance tuning and 3rd line support of ALL Safaricom Enterprise Database (DB) Systems that include DBs for Oracle e-Business Suite (ERP), Business Intelligence (BI) Systems, CRM, Fraud Management, Revenue Assurance, POS, E-Commerce and all other IT database systems. The databases span from Oracle, MySQL, Microsoft SQL, PostgreSQL, Mongo, Cassandra and cloud related database platforms. 

Key Responsibilities

• Database administration and support lifecycle including backup/recovery, automation, maintenance.
• Ensure 99.99% availability maintained for all critical databases.
• Ensure tickets raised are responded to within the agreed SLA.
• Test BCP and HA solutions for critical systems to achieve zero downtime during maintenance and failures.
• Ensure Conformance to security standards for databases and data integrity.
• Ensure regular reviews on information lifecycle management policies is conducted.
• Ensure optimal performance of all systems maintained conforming to the SLA agreements between business and Quality Assurance. 
• Implement open-source databases as an alternative to existing proprietary solutions. 

Qualifications

• Degree in Computer Science or Technical Related Field.
• With at least 4 years hands on Experience in Managing large databases.
• Experience in NoSQL databases, MySQL, PostgreSQL and other Open Source databases platforms.
• Experience in Oracle RAC, Dataguard, RMAN and Engineered systems.
• Experience in Linux/Unix Operating system.
•  Database Systems Administration Techniques – understanding of DB Performance tuning on various Operating Systems, good troubleshooting skills, Database Migration and ILM techniques.
• Attention to details and analytical thinking.
•  Certifications –OCP, OCE; EXADATA Administration; MSSQL Server Administration; Cloud Databases Administration; Linux/ UNIX certification

go to method of application »

Job Description

The Cyber Defense Center (CDC) team is responsible for monitoring, assessing, and defending Safaricom Enterprise Information Systems. The team continuously develops and investigates correlated security event feeds, escalating any identified security incidents. The team also carries out threat hunting purple team activities to improve the detection of incidents. The team also crafts detection logic for incidents and maintain the logging infrastructure. They are the primary contact for any suspected security incidents, working together with remediation teams, resolving incidents, and foiling Cyber Security threats against the Safaricom Brand.

Reporting to the Team Leader – Cyber Defense Centre (CDC), the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service at the Safaricom CSOC, performing real-time monitoring and identification of security incidents. He/She will help identify suspicious activity, open incident investigation tickets, and escalate any key concerns to Level 2/3 for additional analysis & communication. Additionally, he/she will take up tasks in threat research, threat simulation, content engineering and infrastructure management

Responsibilities 

• Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by Safaricom
• Serves as a primary point of contact for reporting potential security incidents
• Validate, classify and open tickets for security incidents
• Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication
• Document security incidents as identified by the case management process
• Provide feedback on enhancing the operations of the cyber security operations Centre
• Respond to generated security alerts within the time window as defined in procedural SLAs
• Pick out potential intrusions from seemingly benign sets of audit logs or security alerts
• Triage (primary investigation) of detected security alerts and make necessary escalation decisions
• Escalation to appropriate teams, follow ups and help during remediation.
• Take part in purple team activities. 
• Review threat intelligence and take part in threat intel activities. 
• Carry out content engineering tasks assigned. 
• Take up threat hunting tasks. 

Qualifications

• Bachelor’s degree in Electrical Engineering/Computer Science/IT Security/Information Technology
• Knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
• Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
• Experience with Microsoft Windows and *NIX operating systems is required.
• Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and Firewalls is an added advantage
• Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL is an added advantage
• Good communication and presentations skills are required
• Enthusiasm, curiosity, thirst for knowledge and passion for the job is required
• Analytical thinking
• Customer focused. Team spirit
• Learning agility