This job listing has expired and may no longer be relevant!
6 Oct 2023

Cybersecurity Analyst at HF Group

Recruit candidates with Ease. 100% recruitment control with Employer Dashboard.
We have the largest Job seeker visits by alexa rankings. Post a Job

Resubmit your Resume Today. Click Here to Start

We have started building our professional LinkedIn page. Follow


Job Description

Housing Finance Company of Kenya was incorporated as the premier mortgage Finance Institution in Kenya licensed under the Banking Act with the CDC and the GoK owning 60% and 40% respectively.

Principle Accountabilities

  • Maintain an information system log register that is aligned to OEM and industry standards on security events logging.
  • Maintain a business use case register that is used to configure correlation rules in the various Cybersecurity monitoring tools.
  • Maintain an alert/exceptions report register that captures the items to be reported based on business use cases, frequency, the recipients etc.
  • Monitor for attacks, intrusions and unusual, unauthorized or illegal activity.
  • Monitor and respond to ‘phishing’ emails and ‘pharming’ activity.
  • Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
  • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
  • Engage in system security testing/’ethical hacking’ – this includes simulating security breaches.
  • Investigate security alerts and provide incident response.
  • Generate reports for both technical and non-technical staff and stakeholders.
  • Test and evaluate security controls in new and existing business products.
  • Provide first-line support for all key cybersecurity systems/tools – including NAC, Anti-Virus/DLP, Content Filters, PAM, MFA, DAM, SIEM, FIM etc.
  • Maintain an inventory of system users with their roles ensuring compliance with documented policies and procedures.
  • Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
  • Keep up to date with the latest security and technology developments.
  • Research/evaluate emerging cyber security threats and ways to manage them.

Key Competencies and Skills

Technical Competencies

  • Vulnerability/Penetration testing skills of applications and infrastructure.
  • Social engineering skills.
  • Security assessments of network infrastructure, hosts and applications.
  • System audit/risk assessment skills.
  • Forensics – investigation and analysis of how and why a breach or other compromise occurred.
  • Troubleshooting skills.
  • Knowledge of the following technology controls: – Data Loss Prevention, Anti-Virus/Anti-   malware, Database Activity Monitoring, SIEM, IDS/IPS, Mail/Web filters, Vulnerability Management system, File Integrity Monitoring, Network Access Control, Privileged Access Management, Mobile Device Management, Multi-Factor Authentication etc.
  • TCP/IP, computer networking, routing and switching – an understanding of the fundamentals: the language, protocol and functioning of the internet.
  • Appreciation of ISO27001 and PCI-DSS standards.
  • C, C++, C#, Java or PHP programming languages.
  • Cloud computing security.
  • Windows, UNIX and Linux operating systems, on which most of the business world runs.

General competencies

  • Excellent report writing and communication
  • The ability to work well independently or within a team
  • Capable of meeting deadlines
  • Demonstrate Integrity and Professionalism

Minimum Qualifications, Knowledge and Experience

Qualifications- Academic and Professional

  • Undergraduate degree in Computer Science /Information Technology or related field
  • Certification in network administration and security such as CCNA
  • Certified Ethical Hacker
  • Certification in a system audit or information security related area, such as ISO/IEC 27001 Lead Auditor, CISA, CISM or CISSP

Experience

At least 3 years’ experience working either in a busy ICT environment or as consultant handling the following:

  • System logging and monitoring
  • Vulnerability assessment and Penetration testing
  • Malware analysis
  • Reverse engineering and exploit research
  • Cyber threat intelligence
  • Cybersecurity incident response
  • Digital forensics/cyber-crime investigation
  • System user access management
  • Support/administration of Cybersecurity tools


Method of Application

Submit your CV and Application on Company Website : Click Here

Closing Date : 15 October. 2023





Subscribe


Apply for this Job