INFORMATION SECURITY ANALYST

Job Closed!
Company:I & M BANK
Category:IT & Telecommunication
Job Type:Permanent
Location:Nairobi

Job details

 Key responsibilities:

The Incumbent will report to the Senior Manager – Information Security and will be responsible for:

  • Performing an oversight role on the security of web/mobile applications and software development activities for digital applications.
  • Maintaining and administering tools necessary to secure end points and provide recommendations for improvements specifically web/mobile application firewalls.
  • Event remediation and incident response activities for web/mobile applications.
  • Recommending security measures and operating the software to protect systems and information infrastructure, including firewalls and data encryption programs.
  • Working with the Cyber Security team to perform tests & uncover network vulnerabilities.
  • Fixing detected vulnerabilities to maintain a high-security standard.
  • Researching on security enhancements on applications and make recommendations to management.
  • Developing and executing formal web/mobile application security test plans to ensure the delivery of quality software applications.
  • Test planning, preparation and communication with relevant departments.
  • Performing web/mobile application attack & penetration (A&P) testing to find security issue such as risks, defects and logical errors on developed applications.
  • Collecting and analyzing security data from manual, automatic and static source code review of web/mobile applications
  • Documenting all web/mobile application related issues and assisting in their resolution prior to application go live.
  • Delivery of security training and education to technical staff with findings and acts as an internal security consultant to advise or influence business or technical partners.
  • Maintaining suitable knowledge of threats, risk assignment, remediation strategies, security tools, testing techniques, and security research
  • Understanding of Web/mobile Services technologies such as XML, SOAP, and SAML

Qualifications and Competencies:

  • Bachelor’s degree in Computer Science, Information Technology or Equivalent from a recognized institution.
  • A security certification including but not limited to CEH, CISA, CISM, OWASP, etc.
  • At least 5 years relevant work experience in conducting web/mobile application security testing of mission critical applications.
  • Knowledge of web/mobile application and application development security testing Processes and Strategies
  • Experience with commercial and open source web/mobile application assessment and auditing packages
  • Secure code review experience using automated toolsets
  • Demonstrated proficiency with CSA controls matrix, OWASP Top 10 and industry standard of web/mobile security and application development security standards
  • Ability to demonstrate understanding of vulnerability remediation
  • Familiarity with malicious code identification and common hacker attack techniques
  • Significant practical knowledge in the following areas:
    • Exploits, vulnerabilities, networks and network attacks
    • Unix, Linux, Windows, operating systems
    • Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
    • Packet analysis and Regular expressions
    • Database structures and queries
  • Excellent communication and interpersonal skills; ability to communicate: write clearly and speak authoritatively to both business and tech audiences
  • Demonstrated critical thinking, analytical and problem solving skills to diagnose and troubleshoot technical issues
  • Strong planning and organization skills;
  • Keeping abreast with latest technology and ability to learn new technologies and concepts quickly
  • Ability to operate within 24 Hour shifts as and when required

 

 

 

Apply Here

Be the first to know about a job posting, subscribe SMS Alerts. »
IT & Telecommunication I & M BANK 2 months ago
JOB CATEGORIES