Safaricom is the leading provider of converged communication solutions in Kenya. In addition to providing a broad range of first-class products and services for Telephony, Broadband Internet and Financial services, Safaricom seeks to uplift the welfare of Kenyans through value-added services and support for community projects.

SUMMARY

Reporting to the Team Leader – Cyber Defense Centre (CDC), the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service at the Safaricom CSOC, performing real-time monitoring and identification of security incidents. He/She will help identify suspicious activity, open incident investigation tickets, and escalate any key concerns to Level 2/3 for additional analysis & communication. Additionally, he/she will take up tasks in threat research, threat simulation, content engineering and infrastructure management

RESPONSIBILITIES

• Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by Safaricom
• Serves as a primary point of contact for reporting potential security incidents
• Validate, classify and open tickets for security incidents
• Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication
• Document security incidents as identified by the case management process
• Provide feedback on enhancing the operations of the cyber security operations Centre
• Respond to generated security alerts within the time window as defined in procedural SLAs
• Pick out potential intrusions from seemingly benign sets of audit logs or security alerts
• Triage (primary investigation) of detected security alerts and make necessary escalation decisions
• Escalation to appropriate teams, follow ups and help during remediation.
• Take part in purple team activities.
• Review threat intelligence and take part in threat intel activities.
• Carry out content engineering tasks assigned.
• Take up threat hunting tasks.

QUALIFICATIONS

• Bachelor’s degree in Electrical Engineering/Computer Science/IT Security/Information Technology
• Knowledge of common SIEM solutions, the purpose of them and an understanding of how they work
• Knowledge of common network protocols such as TCP/IP, HTTP, DNS, etc.
• Experience with Microsoft Windows and *NIX operating systems is required.
• Knowledge and/or experience with common security tools such as anti-virus, Intrusion Prevention Systems and Firewalls is an added advantage
• Knowledge and/or experience with Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL is an added advantage
• Good communication and presentations skills are required
• Enthusiasm, curiosity, thirst for knowledge and passion for the job is required
• Analytical thinking
• Customer focused. Team spirit
• Learning agility