Job Description
Required by Skyline Sacco, a Deposit Taking Sacco with the Head Office at Eldama Ravine and branches in Baringo and its environs.
Primary Responsibilities
Responsible for safeguarding information assets, preventing unauthorized access and attacks on IT systems, actively monitoring systems for security threats and conducting thorough analysis and reporting on identified threats and intrusion attempts.
Key Responsibilities
• Active monitoring and analysis of the Sacco networks for malicious activity through Security Incident and Event Management (SIEM) reporting.
• Carry out internal and external penetration tests on Sacco’s platforms.
• Compliance Assurance:
• Conduct routine security assessments and risk analyses.
• Cultivate a culture of heightened security awareness within the organization.
• Deploy endpoint detection and prevention tools to thwart malicious hacks.
• Develop and maintain an incident response plan.
• Educate staff on security best practices by carrying out awareness campaigns on cybersecurity matters.
• Engage in ‘ethical hacking’, for example, simulating security breaches.
• Ensure compliance with regulatory standards and best practices.
• Follow up on detected security issues and implement solutions to reduce security risks.
• Generate reports for both technical and non-technical staff and stakeholders.
• Identify IT security weaknesses and implement solutions.
• Implement measures, such as firewalls and encryption, to address potential weaknesses.
• Implement and manage robust security protocols.
• Implement vulnerability management systems across all assets on-premises and in the cloud.
• Lead investigations and manage responses during security incidents.
• Liaise with stakeholders concerning IT security issues and provide future recommendations.
• Monitor access to all bank systems and maintain access control profiles on computer networks and systems.
• Monitor adherence to data protection laws and internal policies.
• Monitor for attacks, intrusions, and unusual, unauthorized, or illegal activity.
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
• Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.
• Perform regular audits to ensure security practices are compliant.
• Produce accurate, interactive, digestible information security reports with associated mapping and dashboards.
Requirements
• Bachelor’s Degree in Information Technology, Computer Science, or a related field, along with professional certifications.
• Three (3) years of hands-on experience in IT security.
• Demonstrated proficiency in systems security management, requiring a minimum of three years’ experience in system security and administration.
• Excellent communication, problem-solving, decision-making skills, attention to detail, creativity, and project management skills.
• Strong IT skills and knowledge including hardware, software, and networks.
• Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems.