We are pleased to announce the following vacancy within the Corporate Security Division.
The Cyber Security Assurance role is responsible for conducting security reviews, vulnerability assessments & penetration tests across all client’s systems and infrastructure to ensure they remain compliant to client’s policies, standards and other industry best practices e.g. ISO27001 and PCI.
Reporting to the Senior Manager, Cyber Security Strategy & Secure by Design, the successful candidate will lend support in ensuring all new and existing systems/products/services comply with client’s security policies & standards and other industry best practices e.g. ISO27001, PCI etc. The candidate will also provide timely security assurance reports and advice to the business when required even with very tight timelines.
- Conduct periodic security reviews, vulnerability assessments & penetration tests across all of Company’s systems/infrastructure
- Ensure all new and existing systems/products/services comply with Company’s security policies & standards and other industry best practices e.g. ISO27001, PCI, GDPR etc.
- Provide timely and quality security assurance reports and advice to the business when required even with very tight deadlines
- Do regular follow ups with system custodians/owners to ensure any security risks identified are addressed within the agreed timelines
- Define Cyber Security metrics and report periodically on security compliance across all networks/systems
- Develop a monthly scorecard for each department based on how well they are performing in terms of Cyber Security compliance
- Research on new threats/technologies/vulnerabilities/security design principles etc.
- Degree in Information Security/Computer Forensics/Computer Science/Information Technology or other relevant Technical Degree
- Information security certifications e.g. CEH/CISSP/CISM/CISA/GIAC/CPTP/OSCP
- Advanced Networking certifications: CCNA/CCNP/CCSP/CCIE are also preferred
- Certifications in Microsoft Windows and Linux/Unix Operating Systems
- Demonstrate competency in the use and administration of ethical hacking tools e.g. KALI Linux, Metasploit, Nexpose, Nessus, Nmap, BurpSuite etc…
Skills and Experience
- Minimum of 3 years’ working experience in Information Systems Security – e.g. Ethical Hacking, Penetration Testing, Vulnerability Assessments, Pre-and-Post Implementation System Reviews, etc.
- Minimum of 3 years’ working experience in Networking and Operating Systems e.g. Cisco, Windows (All), Unix, Linux etc… will be an added advantage
- Working knowledge of databases e.g. Oracle, MSSQL, MariaDB, Postgress will be an added advantage
- Working knowledge of Virtualization Technologies e.g. VMware, KVM, Microsoft HyperV will be an added advantage
- Working knowledge and experience in DevOps and Micro services technologies i.e. Docker, Kubernetes, Jenkins, Github/Gitlab etc… will be an added advantage
- Working knowledge of Mobile and GSM technologies e.g. Android, IOS, 2G, 3G, LTE, USSD etc… will be an added advantage
- Excellent communication skills and a good team player
- Excellent time management skills (getting things done in a timely manner)
- Excellent report writing and presentation skills
- Very analytical and logical thinker
- Customer focused
If you feel that you are up to the challenge and possess the necessary qualification and experience, please send your resume with your cell phone contact indicating your experience and why you are the most suitable candidate for the role, clearly quoting the job title and job reference to the address below, by 11th February 2021.