In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:
System Security Administrator
Ref: TECHNICAL-SSA-FEB 2012
Reporting to the Manager Systems Security; the holder of the position will plan/manage the execution of system Security related tasks within existing & new projects; Implement Security policies, standards and procedures; Provide technical security expertise and support to project teams to ensure the efficient use of systems and tools.
- Security vulnerability assessments and penetration testing on IT Business Systems, Data and GSM networks;
- Minimize and mitigate risks introduced by existing and new information technologies and services ;
- Advice on mitigation and resolution to the technical resources;
- Implement Information Security Policies, Standards, Procedures & & Minimum Baseline Standards (aka Checklist/Guideline);
- Provide input to defining compliance and monitoring metrics for system Security;
- Liaise with Internal & External Auditors in the implementation of System Security audits to ensure that system audit scope will add value to the risk management process.
- Assist Information Custodians with the resolution of system audit findings. Provide a report detailing resolutions and get sign-offs from the system custodians;
- Provide feedback regarding progress made on previous system audits.
- Develop, maintain, and troubleshoot various system security systems including Content filters, Antivirus, Network and Host IDS/IPS;
- Ensure that all new content threats are addressed and Protect the environment from intrusions/hacks;
- Update the security technologies by installation of new signatures and patches;
- Information Security Research – ensure regular updates for all new threats to all technologies implemented in Safaricom (this includes exploits directed at GSM specific technologies);
- Design and advice on Security implementations for all new systems within the technical division;
- Design network security in new and existing networks;
- Participate in all technical projects and provide Security requirements in line with information security policies and Standard requirements.
- Build a security in-depth network and ensure the Firewalls, IPS/IDSs, Network authentication technologies are designed in line with Security best practices.
- Formal 4 year Information Technology Degree from an acknowledged Tertiary Institution
- Minimum of 5 years System Security experience – in Penetration testing and Vulnerability assessments, IDS/Firewalls/VPN administration, Content filters, Security Scan tools, Network and Systems Administration ;
- Professional Information Security Qualification: CCSP/CISSP/CISM/CISA;
- Advanced Networking Competencies: CCNA/CCNP;
- Advanced understanding of the implementation of ISO27000, PCI DSS & COBIT;
- Experience in the use of vulnerability assessment tools;
- Experience in Microsoft & Unix Operating Systems;
- Advanced understanding of information security technologies such as Firewalls, Host and Network-based Intrusion Detection Systems, Antivirus, web & content filtering solutions, Network Access Control etc;
- Analytical and problem solving skills;
- Must be highly committed, self- motivated, confident, enthusiastic and have the ability to perform well under pressure;
- Excellent communication and Ability to work in a team.
If you feel that you are up to the challenge and possess the necessary qualification and experience please send your resume and application letter indicating your experience and why you are the most suitable candidate for the role clearly quoting the job title to the address below.
The deadline for application is Wednesday, 7th March 2012.
The Senior Manager – Talent Acquisition
Via E-mail to firstname.lastname@example.org