Jobs at Equity Bank Kenya

• The Platform and Infrastructure Security Architect is primary responsibility will be to design measures to protect the corporate data from leakage. Provide requirements for implementing strategic direction and business requirements on data loss protection. 
• The Platform and Infrastructure Security Architect will ensure data loss protection design is well coordinated to achieve  full data protection on systems, network, infrastructure, and cloud, remote workers, contractors and vendors. 

Job Responsibilities/ Accountabilities: 

Architecture: 

• Involve in infrastructure design with a Security focus 
• Design Data Loss Prevention (DLP) and Information Classification tools, M365 DLP and Azure Information Protection. 
• Designing of key network and infrastructure security solutions and controls such as firewalls, SD-WAN, WAF, DDoS protection, IPS, Web Proxy, EDR. 
• Designing of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall) 
• Designing of cloud infrastructure security designs (IaaS and PaaS), MS Azure preferred 
• Broad knowledge of Information Security, IT and industry best practices 
• Providing technical direction on all areas of data security, including strategy, architecture roadmap, policies, standards, procedures, and governance. 
• Leading the Architecture, design and implementation guidance for Data Security program including techniques such as data obfuscation, masking, tokenization, encryption technologies. 
• Providing guidance to technical teams on architectural, design, procedural best practices for data security in hybrid environments (on-prem and cloud-based such as AWS, Azure, GCP)  
• Developing security best practices for integrations between data producers, data lake, data consumers, API, and application integrations  
• Designing & architect data protection mechanisms for protecting data at rest and data in transit  
• Develop data security best practices for protecting corporate data in M365 cloud 

Strategy: 

• Excellent understanding of best practice infrastructure and network architectures  
• Documnet and communicate security solution roadmap to head of department and the bsuiness  

Qualifications

Knowledge and Experience 

• BS/BA in Computer Science, Information Technology, Engineering, or related field AND 5+ years’ experience in technology solutions, practice development, architecture and consulting. 
• Proven success and expertise in architecting innovative security solutions primarily in a client-facing role 
• Experience giving presentations to executive audiences and explaining the benefits of the Microsoft security platform 
• Track record of delivering quality solutions as a Security technical leader 
• Deep technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, Microsoft Defender for Endpoint, Azure Defender for Identity, Azure Security Center/Azure Defender, Azure Sentinel, and M365 Security & Compliance technologies 
• Knowledge of Cybersecurity concepts and mitigation practices, such as Advanced Persistent Threat (APT), Credential Theft, Zero Trust, Privileged Access Management, Just-in-time Administration, etc. 
• Knowledge of Security Assessments and Reviews 

go to method of application »

• Senior Security Domain Architect will be responsible for the development of enterprise information security architectures and solutions. Develop and review architecture artifacts for Data Security,
• Infrastructure Security, Active Directory Security, Identity and Access Management, Network Security, IOT,
• Blockchain Cloud and manage adherence to architecture standards

Job Responsibilities/ Accountabilities:

• Provide expert direction in implementing Xylem’s enterprise security architecture strategy for platforms, applications, security services, network security and infrastructure, while considering potential risks in the organization’s current technology deployments, to build a successful and strong enterprise security posture
• Secure and automate capabilities through collaboration with InfoSec, Compliance, Cyber Defense, Product Security and Engineering resources.
• Define and advise on the design, implementation and processes necessary to protect information system assets
• Translate business requirements, risk assessments, high-level policies and controls towards security architecture requirements and designs for existing or new security services and projects on business and IT side.
• Participate in discussions regarding the high level IT and operational process design and implementation of security in projects
• Act as a security subject matter expert for Cloud, IOT, Blockchain, IAM, Data and Application, Network, Database and Infrastructure domain
• Additional knowledge on other domains will be used to assist other Cyber Security Domain Architects covering other security domains (for example mainframe, data, PKI and cryptography, network security, platform security, IAM, application security, devsecops etc.)
• Your stakeholders are mainly business owners/analysts, project leaders, enterprise architecture, risk management, internal/external auditors and IT engineers, developers and solution designers
• Responsible for application security but with a good working knowledge of other security domains
• (Cryptography, Identity and Access Management, Threat and Vulnerability Management, Infrastructure and Networks and Auditing, Logging and Compliance)
• Proven ability to follow global established standards in digital evidence acquisition and handling, experience with conducting digital investigations and incident responses and experience in managing insider threats and cyber and data exfiltration incidences
• Support the delivery of the 3 year Cyber security roadmap to maintain and optimize the Advanced
• Cyber Security & Emerging technologies / controls capability
• Lead the enhancement and optimization of implemented reporting mechanisms to demonstrate the value of the Advanced Cyber Security & Emerging technologies / controls function with tangible benefits
• Follow information security policies, methods, standards, National Institutes of Standard and Technology (NIST) standards and practices to organizational information systems, IT reference materials and interpret regulations
• Help coordinate the implementation of security programs across all agency platforms
• Assist with Active Directory access and Group Policies, Internet intrusion detection, Internet filtering, and monitoring of employee access, virtual private networking (LAN/WAN) security
• Assist and participate with the Senior IT Specialist as an advisor in projects to enhance or develop new IT systems, or to study the feasibility of acquiring new technology
• Strategy:
• Understand information security domain of Network, Application, Infrastructure, and Database
• Document and communicate security architecture to the GM, Enterprise Security Architecture team and the Chief Information Security Officer respectively.

Qualifications

Knowledge and Experience

• A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study
• Minimum 10+ years of increasingly diverse and complex experience in field of Cybersecurity within a global environment, with at least a minimum of 5+ years in security architecture and network, and infrastructure security
• Network Security Architecture – Deep technical understanding of designing and securing of both WAN and LAN environments including SD WAN, MPLS, VPN, Segmentation, Micro-Segmentation,
• Factory Segmentation, Routing and Switching. Routing and Switching design, deployment and Operations
• Professional certifications such as TOGAF, SABSA or IAF architecture frameworks. CEH, CISA, CCISO, CISSP, GIAC, ISO 27001 LA/LI or specific security product certifications are an asset
• Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings. Experience designing network security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS service
• Experience designing, implementing, deploying and operating vulnerability scanning infrastructure and services
• Experience selecting, testing, and supporting Endpoint Detection and Response technologies