IT Security Analyst, Technology Integration( Nairobi, Kenya)

Strategy & Planning

• Participate in the planning and design of enterprise security architecture, under the direction of the Cybersecurity Officer, where appropriate.
  
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Cybersecurity Officer, where appropriate.
  
• Participate in the planning and design of disaster recovery plan, under the direction of the Cybersecurity Officer, where appropriate.
  
  

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
  
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
  
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise s security documents specifically.
  

Operational Management

• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
  
• Maintain operational configurations of all in-place security solutions as per the established baselines.
  
• Monitor all in-place security solutions for efficient and appropriate operations.
  
• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
  
• Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans.
  
• Participate in investigations into problematic activity.
  
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
  
• Provide on-call support for end users for all in-place security solutions.
  
• Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits.
  

Requirements

University degree or technical diploma in Computer Science, Information Technology, Electronic Engineer, or related fields

At least three years of relevant work experience, preferably in an international organization

One or more of the following certifications:

o At least NSE4 Fortinet

o Certified Ethical Hacker (CEH)

o ISO 27001

o Any related with cybersecurity

Experience in network infrastructure.

Familiarity with configuration management system (Example puppet).

Fluent English language skills, both written and spoken