Closing Date
Sep
14
REF: ISA/7/9/2018 – INFORMATION SECURITY ANALYST
The Job holder will be part of the bank’s management team and will be will be responsible for assessing and monitoring the Bank’s application and digital products, including their network setup and document any security issues or breaches identified for resolution.
Responsibilities
The Incumbent will report to the Senior Manager – Information Security and will be responsible for:
Unix, Linux, Windows, operating systems
Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
Packet analysis and Regular expressions
Database structures and queries
The General Manager-Human Resources
I&M Bank Limited
I&M Tower, Kenyatta Avenue
P.O Box 30238 – 00100, Nairobi
Or email: recruit@imbank.co.ke (preferred)
The Job holder will be part of the bank’s management team and will be will be responsible for assessing and monitoring the Bank’s application and digital products, including their network setup and document any security issues or breaches identified for resolution.
Responsibilities
The Incumbent will report to the Senior Manager – Information Security and will be responsible for:
- Performing an oversight role on the security of web/mobile applications and software development activities for digital applications.
- Maintaining and administering tools necessary to secure end points and provide recommendations for improvements specifically web/mobile application firewalls.
- Event remediation and incident response activities for web/mobile applications.
- Recommending security measures and operating the software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Working with the Cyber Security team to perform tests & uncover network vulnerabilities.
- Fixing detected vulnerabilities to maintain a high-security standard.
- Researching on security enhancements on applications and make recommendations to management.
- Developing and executing formal web/mobile application security test plans to ensure the delivery of quality software applications.
- Test planning, preparation and communication with relevant departments.
- Performing web/mobile application attack & penetration (A&P) testing to find security issue such as risks, defects and logical errors on developed applications.
- Collecting and analyzing security data from manual, automatic and static source code review of web/mobile applications
- Documenting all web/mobile application related issues and assisting in their resolution prior to application go live.
- Delivery of security training and education to technical staff with findings and acts as an internal security consultant to advise or influence business or technical partners.
- Maintaining suitable knowledge of threats, risk assignment, remediation strategies, security tools, testing techniques, and security research
- Understanding of Web/mobile Services technologies such as XML, SOAP, and SAML
- Bachelor’s degree in Computer Science, Information Technology or Equivalent from a recognized institution.
- A security certification including but not limited to CEH, CISA, CISM, OWASP, etc.
- At least 5 years relevant work experience in conducting web/mobile application security testing of mission critical applications.
- Knowledge of web/mobile application and application development security testing Processes and Strategies
- Experience with commercial and open source web/mobile application assessment and auditing packages
- Secure code review experience using automated toolsets
- Demonstrated proficiency with CSA controls matrix, OWASP Top 10 and industry standard of web/mobile security and application development security standards
- Ability to demonstrate understanding of vulnerability remediation
- Familiarity with malicious code identification and common hacker attack techniques
- Significant practical knowledge in the following areas:
Unix, Linux, Windows, operating systems
Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
Packet analysis and Regular expressions
Database structures and queries
- Excellent communication and interpersonal skills; ability to communicate: write clearly and speak authoritatively to both business and tech audiences
- Demonstrated critical thinking, analytical and problem solving skills to diagnose and troubleshoot technical issues
- Strong planning and organization skills;
- Keeping abreast with latest technology and ability to learn new technologies and concepts quickly
- Ability to operate within 24 Hour shifts as and when required
How to Apply
If you believe you meet the above requirements, send your application together with a comprehensive curriculum indicating your qualifications, present position, contact and names of three referees. Your application should reach the below address on or before 14th September 2018. Please quote the reference number followed by the position applied for in the applicationThe General Manager-Human Resources
I&M Bank Limited
I&M Tower, Kenyatta Avenue
P.O Box 30238 – 00100, Nairobi
Or email: recruit@imbank.co.ke (preferred)
Treat any job employment advert that requires you to send any money for "processing" as a scam. Do not apply or agree to send any money to any employer for any job application.