Job Description
PRINCIPAL SECURITY ANALYST (1 Post)
Job Ref: HR: KP1/5B.2/1/3/1225
Reporting to the Manager, Security &Business Continuity, the Principal Security Analyst,
will be responsible for the continuous monitoring of technology assets for security
Incidents that impact on confidentiality, integrity and availability of systems across the
Company. Overall security monitoring and incident response program of KPLC,
including implementation of policies and procedures on security monitoring and
incident response, by putting in place the appropriate people, processes and
technology. Containment and recovery from security incidents or breaches.
The key tasks & duties for the position include;
Primarily responsible for leading and managing a SOC team, and ensuring that
security incidents are correctly identified, analyzed, defended, investigated, and
reported.
Monitor and analyze activity on networks, servers, endpoints, databases,
applications, websites, and other systems, looking for anomalous activity that
could be indicative of a security incident or compromise.
Perform threat management & threat modelling, identify threat vectors and
develop use cases for security monitoring.
Ensure continuous integration of logs from technology assets into the SIEM to meet
the security use cases.
Manage the cyber incident response plan.
Respond to incidents in accordance with the incident response plan.
Effective communication and escalation during incident response.
Focal point of contact for cyber incidents.
Continuous improvement of the response plan.
Develop and maintain the required Information Security policies, procedures and
standard operating procedures (SOPs) in relation to the SOC and incident
response, to strengthen the current Security Operations.
Develop regular metrics, dashboards and reports for SOC operations for various
stakeholders (IT Leadership, Senior Management.
Develop SOC performance management tools.
Ensure compliance to SLA and process adherence to achieve operational
objectives.
Leadership, mentorship and performance management for direct reports.
Work closely and maintain a positive working relationship with internal teams and
outsourced partners in the remediation actions of incidents within SLA.
Direct and supervise the work of personnel and/or contractors assigned to the
department.
Job Specifications:
Bachelor’s Degree in, Information Systems, Computer Science, Information
Security or related field required.
Seven (7) years’ Technical Experience in a busy IT Environment with good
understanding of all fields of IT and an appreciation for emerging
technologies.
Relevant certifications in Information Security knowledge areas, such as
security monitoring, threat intelligence, Information Security Management
and Ethical Hacking.
Experience in security device management, and in SIEM, IPS/IDS, DLP, Active
Directory and other security technologies.
In-depth familiarity with security policies based on industry standards and best
practices
Strong knowledge of technical infrastructure including operating systems,
networks, databases, middleware etc., to address the threats against these
technologies
Strong Knowledge of: End Point Security, Internet Policy Enforcement,
Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Data
Loss Prevention (DLP),Identity and Access Management (IAM)
Proficient in reports, dashboards and documentation preparation
Work Experience
Knowledge and experience in IT technology platforms across the IT domains.
Technical skills to effectively perform IS security management activities/tasks in
a manner that consistently achieves established quality standards or
benchmarks.
Knowledge and application of modern IS security management practices to
proactively define and implement security quality improvements in line with
technological and product changes.
Knowledge and effective application of all relevant Information Security
policies, processes, procedures and guidelines to consistently achieve required
compliance standards or benchmarks.