We are pleased to announce the vacancy for a Secure by Design Specialist within Cyber Security Function. Reporting to the Secure by Design Manager, the successful candidate will lend support in ensuring all new and existing systems/products/services comply with Safaricom’s security policies & standards and other industry best practices e.g. ISO27001, CIS, Internal Cyber Security Baseline standards, etc. The candidate will also provide timely security assurance reports and advice to the business when required even with very tight timelines.
Reporting to the Senior Specialist: Cyber Security Network & Engineering, the successful candidate will lend support in the design, deployment, day-to-day operation and maintenance of Endpoint Security tools and services and ensure 99.999% uptime.
As an Endpoint Security Specialist, you will play a critical role in protecting an organization’s valuable assets and ensuring the confidentiality, integrity, and availability of sensitive information. Your expertise in endpoint security will contribute to maintaining a secure and resilient environment for the organization and its stakeholders.
- Conduct periodic security reviews, vulnerability assessments & penetration tests across all of Safaricom’s systems/infrastructure
- Ensure all new and existing systems/products/services comply with the Company’s security policies & standards and other industry best practices e.g. ISO27001, CIS and Ethiopia Data Protection Laws
- Provide timely and quality security assurance reports and advice to the business when required even with very tight deadlines
- Do regular follow-ups with system custodians/owners to ensure any security risks identified are addressed within the agreed timelines
- Define Cyber Security metrics and report periodically on security compliance across all networks/systems
- Research on new threats/technologies/vulnerabilities/security design principles etc.
- Working knowledge of Virtualization & Microservices technologies e.g. VMware, Open shift, Kubernetes, Docker etc will be an added advantage
- Working knowledge and experience in DevSecOps technologies and practices i.e. Jenkins, Jira, Github, Gitlab etc will be an added advantage
Qualifications and Educational Requirements
- Degree in Information Security/Computer Forensics/Computer Science/Information Technology or other relevant Technical Degree
- Information security certifications e.g. CEH/CISSP/CISM/CISA/GIAC/CPTP/OSCP
- Advanced Networking certifications: CCNA/CCNP/CCSP/CCIE are also preferred
- Certifications in Microsoft Windows and Linux/Unix Operating Systems
- Demonstrate competency in the use and administration of ethical hacking tools e.g. KALI Linux, Metasploit, Nexpose, Nessus, Nmap, BurpSuite etc…
- Minimum of 3 years working experience in Information Systems Security – e.g. Ethical Hacking, Penetration Testing, Vulnerability Assessments, ICT Audits, Pre-and-Post Implementation System Reviews etc…
- Minimum of 3 years working experience in Networking and Operating Systems e.g. Cisco, Huawei, Windows (All), Unix, Linux etc
How to Apply
If you feel that you are up to the challenge and possess the necessary qualifications and experience, kindly proceed to update your candidate profile on the career portal and then Click on the apply button. Remember to attach your resume.
Join Our Telegram if You did not join it Already
Join us on Telegram ስራዎችን በቴሌግራም ለመከታተል ይህንን ይጫኑ
Stay in Touch and follow us on our Social Media Platforms to Get the Latest Updates for the Latest opportunities: Facebook Page
Interested applicants can apply before the closing date of the application. For more information please read the full article
Deadline: Nov 26, 2023