Technology Security Officer
Ref: TECHNOLOGY_TSO__AUG _2012
Reporting to the Senior Manager – Technology Security, the position holder will
Identify and promote industry leading practice for Technology Security, and Security risk management for Safaricom; Ensure effective monitoring and operational management of the functional technology risks within the company’s risk management program; To plan/manage the execution of Technology Security related tasks within existing & new projects.Implement Security policies, standards and procedures; Provide technical security expertise and support to project teams to ensure the efficient use of systems and tools; Drive implementation and monitoring of security aspects of Safaricom Technology infrastructure and applications including vulnerability assessments, penetration testing and resolutions on all technical systems and Provide regular reports on various key aspects of the section’s responsibilities.The job holder’s key responsibilities will be to:Carry out security vulnerability assessments and penetration testing on Safaricom Business Systems, Data and GSM networks;Minimize and mitigate risks introduced by existing and new technologies, products and services;Advice on mitigation and resolution to the technical resources;Implement Information Security Policies, Standards, Procedures & & Minimum Baseline Standards (aka Checklist/Guideline);Provide input to defining compliance and monitoring metrics for Technology Security;Liaise with Internal & External Auditors in the implementation of System Security audits to ensure that system audit scope will add value to the risk management process.Assist Information Custodians with the resolution of system audit findings;Provide a report detailing resolutions and get sign-offs from the system custodians;Provide feedback regarding progress made on previous system audits;Develop, maintain, and troubleshoot various system security systems including (but not limited to) Content filters, Antivirus, Logging Solutions, Network and Host IDS/IPS;Ensure that all new content threats are addressed;Protect the environment from intrusions/hacks;Update the security technologies by installation of new signatures and patches;Information Security Research - ensure regular updates for all new threats to all technologies implemented in Safaricom (this includes exploits directed at GSM specific technologies);Design network security in new and existing networks;Participate in all technical projects and provide Security requirements in line with information security policies and Standard requirements.Build a security in-depth network and ensure the Firewalls, IPS/IDSs, Network authentication technologies are designed in line with Security best practices.The ideal candidate should possess the following skills & competencies:Formal 4 year Information Technology Degree from an acknowledged university;Minimum of 3 years System Security experience – in Penetration testing and Vulnerability assessments, IDS/Firewalls/VPN administration, Content filters, Security Scan tools, Network and Systems Administration ;At least one professional Information Security Qualification: CCSP/CISSP/CISM/CISA;Advanced Networking Competencies: CCNA/CCNP;Advanced understanding of the implementation of ISO27000, PCI DSS & COBIT ;Experience in the use of vulnerability assessment tools;Experience in Microsoft & Unix Operating Systems;Advanced understanding of information security technologies such as Firewalls, Host and Network-based Intrusion Detection Systems, Antivirus, web & content filtering solutions, Network Access Control etc.Applications: C, C++, ASP, Visual Basic, Java, PHP, Microsoft SQL – Advanced;Operating Systems: Windows Operating Systems (All), Linux (SuSE, Fedora/RedHat), HP Unix, Solaris and IBM AIX – Advanced;Databases: Relational Database Management Systems (RDBMS) – Oracle, MS SQL, My SQL, Pervasive SQL –Advanced MsWord; Advanced MS Excel; MS Power point – Advanced and MS Access – Intermediate Analytical and problem solving skills;Must be highly committed, self- motivated, confident, enthusiastic and have the ability to perform well under pressure;Excellent communication and documentation skills;Ability to work in a team.If you feel that you are up to the challenge and posses the necessary qualification and experience please send your resume and application letter indicating your experience and why you are the most suitable candidate for the role clearly quoting the job title to the address below. The deadline for application is Friday 31st August, 2012.The Senior Manager – Talent Acquisition
Safaricom Ltd
Nairobi
No comments:
Post a Comment