Cyber Incident Response and IT Security
Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.
Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.
Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.
Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.
Leverage a Security Information and Event Management (SIEM) system for advanced threat detection and response, utilize an IT service management (ITSM) platform for efficient ticket management, and employ a social media threat monitoring and protection tool.
Research the latest in information technology security trends to keep up to date with the subject and use on the latest technology to protect information assets.
Work with the team to develop a security plan for best standards and practices for the organization.
Conduct frequent testing of simulated cyber-attacks to look for vulnerabilities in the systems and take care of these before an outside cyber-attack.
Make recommendations to managers and senior executives about security advancements to best protect the organization.
Help train junior colleagues in information security.
Key Working Relationships:
Position Reports to: Manager – Security Operations
Position directly supervises: NA
Indirect Reporting: Director, Security Operations and Engineering Team
Other Internal and/or external contacts:
Internal: IT staff across regions, HQ and Nairobi iHub, Safety and Security Team
Job Requirements:
Education
Bachelor's degree or equivalent professional experience. Prefer degree concentration in: Computer Information Systems, Management Information Systems, Computer Science
Work Experience
Min 2 years in IT security operations, 1 year in a global organization
Demonstrated Skills and Competencies
Strong knowledge of a Security Information and Event Management (SIEM) system, ITSM ticketing system, vulnerability management tools.
Ability to analyze complex security issues and provide actionable recommendations.
Excellent verbal and written communication skills for training and reporting purposes.
Certifications: Relevant certifications such as CEH, or CompTIA Security+ are a plus.
Experience: Previous experience in an operational information security role is highly desirable.