297 Director Of Security jobs in Kenya

Role Summary
To support the administration and management of Security Services across the Global IT function. Working within the SecOps function, the role will serve to grow and maintain a disciplined IT security function which safeguards IT assets, business information and workers from security and compliance breaches.

Responsibilities:

• Manage and maintain the portfolio of IT Security tools in operation at CloudFactory, keeping track of security events and remediating security related issues where possible
• Maintain compliance standards in support of security controls for endpoint devices across CF (e.g AV, Patch mgmt etc)
• Review and test system, web and mail policies, always seeking to reduce risk through strong DLP, encryption and security posturing (when possible)
• Baseline user security according to our published security policies ( Acceptable use, Password Policy etc). Provide feedback to relevant parties in regard to policy update requirements or policy compliance issues.
• Support and assist in the management of security related issues via our internal tools (ITSM, Risk Register) whilst following the appropriate escalation channels.
• Stay informed of security related news, industry trends and vendor updates to provide expertise around new security developments, reported breaches and emerging vulnerabilities across the industry
• Help to maintain strong communication channels to the wider business to help ensure that staff are well informed of security vulnerabilities, online threats and growing security trends
• Help to educate and raise user awareness in effective security practices, identify training platforms and education opportunities to widen information security awareness and knowledge
• Support business endeavours in achieving and adhering to industry-led security standards (ISO27001, SOC2 etc)
• Provide functional knowledge and guidance in relation to operations and controls to support the wider business and our Clients
• Identify and highlight security gaps, weaknesses and opportunities for improvement.

Process and Policy

• Assist in supporting the internal and external audits process, through info gathering and action tracking
• Support the development of key security processes; business impact assessments, security response plans and end user security policies
• Help to maintain the InfoSec document portal, working to ensure that document control standards are met
• Work with the IT Service Delivery function to ensure that risks are being recorded within the relevant Risk Register whilst making sure to log and track risks that emerge from scans, audits etc
• Work to champion the presence of the risk register to ensure that internal staff are mindful of the need to report any form of operational or system risk which may impact the business
• Maintain a good awareness of data privacy regulations such as GDPR, HIPAA etc whilst helping to ensure that the business adheres to good practise and defined processes
• Produce, maintain and manage policy documentation. Addressing any policy gaps and advising the business over policy use.

Requirements

• KITSM background with good exposure to the ITIL framework
• Broad IT knowledge with strong awareness of Network, Cloud and Infrastructure technologies and concepts
• Have a good understanding of IT security concepts within each layer of a business environment. (From Endpoint to Edge)
• A strong aptitude towards learning and discovery
• Able to take technical ownership over a given taskproject
• Advanced analytical and structured problem solving abilities
• Flexibility/Adaptability: fast to respond, thinks on feet, track record of adapting, thinking outside the box, open mind to new tools and changing processes
• Ideas generator and innovator: always asking Why? How?
• Self-starter requiring little supervision to complete tasks independently, curious, self-developer
• Can work across different business functions, communicating at all levels and can demonstrate strong collaboration skills to achieve set goalsobjectives
• Good written and verbal communication skills with proven ability to write highly technical reports and documentation
• Being able to explain complex issues in simple terms

Benefits

• Competitive Compensation
• We are connected to the first (Hybrid work model)
• Community service opportunities
• High growth globally scaling company culture
• A mission you can stand by
• Room for growth We prefer to promote from within rather than hire from without

At CloudFactory, we believe that work should be more than just a job—it should be a platform for growth, impact, and community. Here, you'll earn with purpose, learn every day, and serve a mission that truly matters. If you're looking for a career where you can develop professionally, contribute meaningfully, and be part of a global movement, we'd love to have you on this journey

Join us today and be part of our mission to connect people and technology for a better world Apply now and bring your whole, authentic self to work—we can't wait to meet you

HFC Limited, the banking and property finance subsidiary of HF Group, has an exciting opportunity in our ICT Department. We are seeking a talented, dynamic, self-driven, and results-oriented individual who is committed to performance, excellence, and participating in our growth strategy.

The SOC Analyst's role is to monitor, detect, and respond to security incidents across the company's IT infrastructure. The role holder is responsible for identifying and mitigating threats, analyzing security data, and ensuring the organization's network and data remain secure.

Deadline:

Category: ICT

Subsidiary: HFC

Principle Accountabilities

• Monitor and analyze security events and alerts generated by the company's security tools, such as SIEM (Security Information and Event Management) systems.
• Respond to and investigate security incidents, including malware infections, phishing attempts, unauthorized access, and other potential threats.
• Conduct in-depth analysis of security events to determine root causes and assess potential impacts.
• Collaborate with IT and other departments to resolve incidents and implement preventative measures.
• Perform vulnerability assessments and penetration testing to identify potential weaknesses in the network or systems.
• Stay updated on emerging security threats and recommend improvements to enhance the company's security posture.
• Create detailed reports on security incidents, trends, and mitigation strategies for management and technical teams.
• Ensure compliance with relevant security standards and regulations, such as GDPR, ISO 27001, and NIST.
• Participate in the development and enhancement of security policies, procedures, and best practices

Key Competencies and Skills

The ideal candidate will have hands-on experience in cybersecurity, strong analytical skills, and familiarity with various security tools and protocols. General Competencies

Minimum Qualifications, Knowledge And Experience
Academic & Professional

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or CISSP are highly desirable.

Experience

• Proven experience as a SOC Analyst or in a similar cybersecurity role.
• Strong understanding of network security, endpoint security, and threat detection techniques.
• Experience with security tools such as SIEM platforms (Splunk, IBM QRadar, etc.), firewalls, IDS/IPS, and antivirus software.
• Familiarity with incident response, forensic analysis, and malware investigation.
• Knowledge of scripting and automation for security tasks (Python, Bash, etc.) is a plus.
• Strong problem-solving and analytical skills with attention to detail.
• Excellent communication and teamwork skills, with the ability to collaborate across departments.
• Ability to work in a fast-paced environment and handle multiple security events simultaneously.

• Monitor security systems and alerts for potential threats and vulnerabilities.
• Investigate security incidents, determine scope, and implement containment strategies.
• Analyze security logs and event data using SIEM tools to identify suspicious activities.
• Perform forensic analysis of security breaches to determine root cause and impact.
• Develop and execute incident response plans and playbooks.
• Stay current with emerging threats, vulnerabilities, and attack vectors.
• Conduct regular vulnerability assessments and penetration testing.
• Collaborate with IT and development teams to implement security controls and remediate vulnerabilities.
• Develop and maintain security documentation, policies, and procedures.
• Provide security awareness training to employees.
• Participate in threat hunting activities to proactively identify and neutralize threats.
• Contribute to the continuous improvement of security operations processes and technologies.
• Manage and configure security tools, including firewalls, IDPS, and endpoint protection.

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience.
• 5+ years of experience in information security, with a focus on security operations and incident response.
• Proficiency with Security Information and Event Management (SIEM) tools (e.g., Splunk, QRadar, LogRhythm).
• Experience with intrusion detection/prevention systems (IDPS), firewalls, and endpoint security solutions.
• Strong understanding of network protocols, operating systems, and common attack vectors.
• Knowledge of forensic investigation techniques and tools.
• Relevant security certifications such as CISSP, CEH, or GSEC are highly desirable.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills, essential for remote collaboration.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Experience with threat intelligence platforms and malware analysis is a plus.

• Design, implement, and manage security tools and technologies (SIEM, IDS/IPS, Firewalls, etc.).
• Develop and maintain threat detection and response capabilities.
• Lead security monitoring and event analysis to identify potential threats.
• Conduct threat hunting exercises and analyze security logs.
• Perform forensic investigations of security incidents.
• Develop and implement security automation and orchestration solutions.
• Contribute to cloud security strategy and implementation (AWS, Azure, GCP).
• Ensure the integrity and availability of security infrastructure.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques.
• Collaborate with IT teams to implement security best practices and remediation measures.
• Create comprehensive reports on security operations, incidents, and recommendations.

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 5+ years of experience in security operations, network security engineering, or a related cybersecurity role.
• Proven expertise in SIEM technologies, IDS/IPS, firewalls, and endpoint security solutions.
• Strong understanding of networking concepts, TCP/IP, and security protocols.
• Experience with security automation and scripting (e.g., Python, Bash, PowerShell).
• Familiarity with cloud security principles and platforms (AWS, Azure, GCP).
• Experience in incident response, digital forensics, and malware analysis.
• Relevant certifications such as GIAC, CISSP, OSCP are highly desirable.
• Exceptional analytical, problem-solving, and critical-thinking skills.
• Strong communication and collaboration skills for remote teamwork.

• Monitor and analyze security alerts from various sources, including SIEM, IDS/IPS, endpoint detection, and threat intelligence feeds.
• Investigate security incidents, conduct root cause analysis, and determine the scope and impact of breaches.
• Develop and execute incident response plans, coordinating actions across different teams.
• Perform forensic analysis of security incidents to gather evidence and identify attack vectors.
• Stay up-to-date with the latest threat landscapes, attack techniques, and vulnerabilities.
• Develop and refine security monitoring rules and detection mechanisms.
• Conduct vulnerability assessments and penetration testing to identify weaknesses.
• Manage and maintain security tools and technologies.
• Create detailed reports on security incidents, findings, and recommended remediation actions.
• Contribute to the development and improvement of security policies and procedures.
• Provide guidance and mentorship to junior security analysts.
• Participate in security awareness training initiatives.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5-7 years of experience in Security Operations Center (SOC) analysis or a similar cybersecurity role.
• Proven experience in incident detection, investigation, and response.
• Strong knowledge of cybersecurity frameworks, protocols, and technologies (e.g., TCP/IP, firewalls, VPNs, malware analysis).
• Experience with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and EDR solutions.
• Familiarity with threat intelligence platforms and security analytics.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and collaboration abilities, crucial for remote teamwork.
• Ability to work independently and manage time effectively in a remote environment.
• Relevant security certifications (e.g., Security+, CySA+, GCIH) are a plus.

• Monitor security alerts and events using SIEM and other security tools.
• Investigate security incidents and perform forensic analysis.
• Identify, analyze, and respond to cyber threats and vulnerabilities.
• Develop and maintain security incident response plans and playbooks.
• Conduct threat hunting exercises to proactively identify potential compromises.
• Collaborate with IT teams on security remediation efforts.
• Manage and optimize security technologies and tools.
• Contribute to security awareness training programs.
• Mentor and provide guidance to junior security analysts.
• Stay current with the latest cybersecurity threats and technologies.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Relevant security certifications such as CISSP, GCIA, GCIH, or CEH are highly desirable.
• Minimum of 5 years of experience in security operations or incident response.
• Proficiency with SIEM, IDS/IPS, EDR, and other security monitoring tools.
• Strong understanding of networking, operating systems, and cybersecurity frameworks.
• Excellent analytical, problem-solving, and investigative skills.
• Ability to work effectively under pressure and manage critical incidents.
• Strong communication and reporting skills.

• Design, implement, and maintain scalable and secure cloud infrastructure (AWS, Azure, GCP).
• Develop and deploy security automation solutions using scripting and SOAR platforms.
• Manage and optimize SIEM, IDS/IPS, WAF, and other security monitoring tools.
• Lead incident response efforts for complex security events, including forensic analysis.
• Conduct regular security assessments, penetration testing, and vulnerability management activities.
• Develop and enforce security policies, standards, and best practices.
• Collaborate with development and operations teams to ensure secure coding practices and infrastructure deployment.
• Stay ahead of emerging threats and security technologies, proactively enhancing defenses.
• Develop and maintain comprehensive security documentation and runbooks.
• Mentor junior security team members and contribute to team knowledge sharing.

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related technical field.
• Minimum of 7 years of experience in security engineering, operations, or a related role, with a significant focus on cloud environments.
• Proven experience in designing and implementing security solutions in AWS, Azure, or GCP.
• Expertise in SIEM/SOAR platforms (e.g., Splunk, QRadar, Demisto).
• Strong proficiency in scripting languages such as Python, Bash, or PowerShell for automation.
• Deep understanding of network security, endpoint security, cryptography, and identity and access management.
• Experience with container security (Docker, Kubernetes) is highly desirable.
• Excellent problem-solving, analytical, and communication skills.
• Ability to work independently and collaboratively in a fast-paced, remote team environment.
• Relevant security certifications (e.g., CISSP, CCSP, OSCP) are a strong plus.