Key Responsibilities

• Proactively monitor and report the security posture on all information assets as per Security Operations Center (SOC) procedures by utilizing technical tools such as SIEM, Antimalware, Database Activity Monitoring Systems, Fraud Management Systems, etc.
• Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by the SOC. Analyse and assess security alerts and escalate for further investigations and communication
• Periodically review systems within the Sacco to ensure that they are configured as per the established security baseline standards. Report any non-compliance on information security policies
• Be involved in the establishment of mechanisms for information and cyber security incident response management including monitoring, detecting, remediating, and fully investigating security breaches to establish and treat the root cause (s) to minimize future occurrences as well as perform impact analysis.
• Perform threat intelligence research, including collection of global threat intelligence and internal threats then inject actions based on analysis and recommendations.
• Offer support in cyber security awareness and training campaigns
• Document and research security breaches and assess any damage caused.
• Keep abreast with emerging issues by attending educational workshops, seminars, conferences and participating in professional societies.
• Partners: Assess external partners such as vendors' and contractors’ procedures, processes and security controls to ensure they adequately protect the organization’s business information and transactions.
• Collaboration: Work with user departments to ensure information technology threats are properly identified, analysed, communicated, investigated and corrective actions taken.

Qualifications

• Technical Skills
• Bachelor’s degree in Information Technology, Computer Science, or any other related field with relevant IT Security professional qualifications i.e. CISA/CISM/CEH or other relevant security certifications.
• 3 years’ experience in Security/Network administration with strong technical knowledge of database, network and operating systems security.
• Knowledge of various security methodologies and processes and technical security solutions (SIEM, EDR, firewall and intrusion detection systems).
• Knowledge of TCP/IP Protocols, network analysis, network protocols and network/security applications.
• Working knowledge and experience in penetration testing and vulnerability assessments.
• Knowledge of common cybersecurity threats and sources of cybersecurity information.
• Good understanding and knowledge of risk assessment, risk procedures, security assessment, vulnerability management, penetration testing.