Job purpose:

Networks and Security Officer will be responsible for information security design, implementation, optimization and maintenance of the Sacco network and telecommunications components, server infrastructure, endpoint devices and related hardware in line with business requirements and strategic priorities.

Responsibilities or duties:

Key Duties & Responsibilities:

• Carry out internal and external penetration tests on Saccos’s platforms.
• Innovate and model new red teaming techniques for the security team.
• Carry out awareness campaigns to staff and stakeholders on cyber security matters.
• Collaborate with the information security functions to maintain records of all data assets and exports.
• Produce accurate, interactive, digestible information security reports with associated mapping and dashboards.
• Provide research, incident analysis and evaluation, presentation, and report production on a weekly basis.
• Be part of a 24-hour active monitoring and analysis of the Sacco networks for malicious activity through Security Incident and Event Management (SIEM) reporting. Including responding to and investigating alerts, assisting with developing new security monitoring use cases, and ensuring all investigative activity is properly documented and followed up with relevant support teams.
• Conduct proactive cyber threat research and analysis. Monitoring open-source intelligence sources for potential threats against Sacco, and ensure appropriate defensive actions are taken with respect to these.
• Analyze a variety of network and host-based security appliance logs (Firewalls, IPS, NIDS, HIDS, Sys Logs, etc.) to determine the corrective or mitigation actions and escalation paths for each incident.
• Independently follow procedures to report, contain, analyze, and remediate security incidents.
• Be available, on-call, to rapidly troubleshoot any problems resulting from infrastructure changes, security breaches, or other unplanned/unforeseen circumstances.
• Offer first level ICT user support and administration of various Sacco systems.
• Perform any other duty assigned from time to time.

Qualifications or requirements 

Knowledge: Qualifications & Experience

• Bachelor’s degree in information technology, computer science or its equivalent.
• Show competence in Cyber Security through CTFs or learning platforms.
• CISSP CISA/CISM/CEH/Certified SOC analyst (CSA)/Security+/Network+/CCNA/SSCP or other related certifications.
• Technical knowledge of database, network, and operating system security.
• Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
• Knowledge and experience using one or more tools related to SIEM, intrusion detection and prevention systems, network security managers, firewalls, and end point logging.
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
• Strong written communication skills in report writing for incident reporting.
• Knowledge of specific tools and languages such as Wireshark, PowerShell, Python and SQL knowledge highly desirable.

Personal Attributes required for this role:

• Excellent communication and interpersonal skills
• Decision making and problem-solving skills
• Innovation and creativity
• Project management skills
• Understanding and willingness to work in a diverse team that supports the ICT function.
• Analytical mindset and the ability to organize and present information in a coherent and understandable manner.
• Highly motivated and able to work independently.

Experience needed:

At least three (3) years’ experience in system security and administration.

• Carry out internal and external penetration tests on Saccos’s platforms.
• Innovate and model new red teaming techniques for the security team.
• Carry out awareness campaigns to staff and stakeholders on cyber security matters.
• Collaborate with the information security functions to maintain records of all data assets and exports.
• Produce accurate, interactive, digestible information security reports with associated mapping and dashboards.
• Provide research, incident analysis and evaluation, presentation, and report production on a weekly basis.
• Be part of a 24-hour active monitoring and analysis of the Sacco networks for malicious activity through Security Incident and Event Management (SIEM) reporting. Including responding to and investigating alerts, assisting with developing new security monitoring use cases, and ensuring all investigative activity is properly documented and followed up with relevant support teams.
• Conduct proactive cyber threat research and analysis. Monitoring open-source intelligence sources for potential threats against Sacco, and ensure appropriate defensive actions are taken with respect to these.
• Analyze a variety of network and host-based security appliance logs (Firewalls, IPS, NIDS, HIDS, Sys Logs, etc.) to determine the corrective or mitigation actions and escalation paths for each incident.
• Independently follow procedures to report, contain, analyze, and remediate security incidents.
• Be available, on-call, to rapidly troubleshoot any problems resulting from infrastructure changes, security breaches, or other unplanned/unforeseen circumstances.
• Offer first level ICT user support and administration of various Sacco systems.
• Perform any other duty assigned from time to time.

• Excellent communication and interpersonal skills
• Decision making and problem-solving skills
• Innovation and creativity
• Project management skills
• Understanding and willingness to work in a diverse team that supports the ICT function.
• Analytical mindset and the ability to organize and present information in a coherent and understandable manner.
• Highly motivated and able to work independently.
• Technical knowledge of database, network, and operating system security.
• Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems).
• Knowledge and experience using one or more tools related to SIEM, intrusion detection and prevention systems, network security managers, firewalls, and end point logging.
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
• Strong written communication skills in report writing for incident reporting.
• Knowledge of specific tools and languages such as Wireshark, PowerShell, Python and SQL knowledge highly desirable.

• Bachelor’s degree in information technology, computer science or its equivalent.
• Show competence in Cyber Security through CTFs or learning platforms.
• CISSP CISA/CISM/CEH/Certified SOC analyst (CSA)/Security+/Network+/CCNA/SSCP or other related certifications.