0 Information Security jobs in Kenya

Information System Auditor

Nairobi, Nairobi KES1200000 - KES3600000 Y Co-operative Bank of Kenya

Posted today

Job Viewed

Tap Again To Close

Job Description

As a market leader, we are dedicated towards creating and achieving excellence through our people. Together, we share a common set of values rooted in integrity, excellence and a strong team ethic. We provide you with a superior foundation for building a professional career – a place for people to learn, to achieve and to grow. Here is one such opportunity for you to explore.

This is a high visibility role which provides the successful candidate with an opportunity to contribute to the organization's control environment and exposure to many business areas. The successful candidate will also have an ideal opportunity to be an integral part of the organization and to really make a difference.

Reporting to the Chief Internal Auditor, the Information Systems (IS) auditor is responsible for execution of internal audits covering all aspects of business processes, assessing risks on information systems, business operations and evaluating internal controls to provide an independent appraisal of internal control environment across the Group. The role holder will be responsible for the execution of complex projects in accordance with the audit plan, mainly focusing on Information Systems, Operational processes, Credit Division and Departmental audits.

The Role

Specifically, the successful jobholder will be required to:

  • Conduct special audits as required, leveraging on Computer-Assisted Audit Tools (CAATs) such as, Python, ACL, and SQL Developer to efficiently extract, transform, and analyze large volumes of data
  • Identify opportunities to automate audit procedures and develop scripts to enhance Robotic Process Automation (RPA) for improved efficiency and accuracy.
  • Design, implement, and maintain data analytics models and scripts to support continuous auditing and monitoring activities.
  • Collaborate closely with audit teams to understand specific audit requirements and translate them into effective data analytics and automation solutions
  • Conduct comprehensive penetration tests on the bank's web, mobile banking, and other operational applications, networks, and ICT systems to evaluate the effectiveness of the implemented cybersecurity framework.
  • Evaluate compliance with IT security policies, standards, and regulatory requirements across business units and ICT infrastructure.
  • Stay up to date with emerging cyber threats, vulnerabilities, and regulatory developments in the cybersecurity landscape.
  • Perform independent threat and vulnerability assessment tests and report on cyber risks and controls of the ICT systems within the bank and other related third-party connections.
  • Test the adequacy and effectiveness of control measures on information systems, operational processes, credit, department operations and recommend corrective measures to be undertaken in areas of weakness.
  • Utilize extensive understanding of business activities to recommend scope and objectives of assigned audits, execute audit procedures, perform detailed analyses, reach sound conclusions, and document results for assigned audit activities.
  • Ensure that all instances of significant risk or lack of control are properly identified, all findings are factually based& reported, with pragmatic & balanced recommendations & reports delivered in a timely manner.
  • Actively participate in discussing audit findings and recommendations with line managers of the areas under review.
  • Facilitate the communication of audit results and special projects via written reports and oral presentations to management.
  • Assist in the annual risk assessment process and generation of annual audit plan.
  • Assist in training/mentoring staff and develop and maintain the skills, knowledge and expertise to make valuable contribution to the internal audit team.

Skills, Competencies and Experience

The successful candidate will be required to have the following skills and competencies:

  • Bachelor's degree in information systems or computer science from a recognized university. Possession of an MSc or other relevant postgraduate qualifications will be an added advantage.
  • Experience with intelligent technology integration, including machine learning (ML) using Python or R, AI and natural language processing (NLP) and familiarity with audit automation tools such as ACL Robotics.
  • Professional certification in IT Audit, Risk and Security e.g. CISM, CISSP, CISA, CRISC
  • Excellent understanding of auditing concepts and practices with a minimum of 3 years' experience in management role in IT and operations or IT and operation audit.
  • Skilled in project management and maintaining composure under pressure while meeting multiple deadlines.
  • Demonstrable knowledge in risk assessment and control concepts/methodologies.
  • Skilled in negotiation and conflict management to resolve problems that may arise during an audit.
  • Excellent oral and written skills; a strong verbal communicator, analytical writer and able to clearly and concisely convey personal observations of processes, risks and controls.
  • Excellent analytical ability both qualitative and quantitative to draw sound conclusions coupled with demonstrated knowledge and proper application of sampling techniques.
  • Excellent attention to details and organizational skills.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Engineer

Nairobi, Nairobi KES104000 - KES130878 Y Indsafri

Posted today

Job Viewed

Tap Again To Close

Job Description

Job Role: Information Security Engineer

Exp Required: Atleast 3+ Years of relevant work experience as Information Security engineer

Job type: Full time - Permanent

Job Location: Nairobi, Kenya

***KINDLY DO NOT APPLY IF YOU HAVE LESS THAN 3+ YEARS OF RELEVANT WORK EXPERIENCE IN INFORMATION SECURITY ENGINEER ROLE ***

***KINDLY DO NOT APPLY IF YOU ARE A NON KENYAN CITIZEN***ONLY KENYA CITIZENS WILL BE PREFERRED/CONSIDERED***

Job Summary:

Roles and responsibilities:

Security Architecture & Design

Develop, document, and maintain the enterprise security architecture, ensuring alignment with business goals and IT strategy.

Design security controlsand solutions for infrastructure, applications, networks, and cloud environments.

Evaluate new technologies and recommend secure integration into existing systems.

Implementation & Operations

Configure, deploy, and maintain securitytools (e.g., firewalls, IDS/IPS, SIEM, endpoint protection, vulnerability management).

Lead security configurations for servers, databases, applications, and network devices. Conduct regular vulnerability assessments, penetration testing, and remediation activities.

Governance, Risk, and Compliance

Assist in the development and enforcement of IT security policies, standards, and procedures.

Ensure compliance with applicable regulatory requirements (e.g., GDPR, PCI DSS, ISO 27001, Data Protection Act).

Support risk assessments and the creationof mitigation plans. Prepares the Governance, Risk, and Compliance reports

Incident Response & Monitoring

Act as a key technicallead in the detection, response, and recovery from security incidents.

Maintain and improvethe incident responseplaybook in collaboration with the outsourced CISO.

Conduct post-incident analysis to strengthen defences.

Collaboration & Reporting

Work closely with the outsourced CISO to align on security strategy and initiatives. Provide security status updates, risk assessments, and recommendations to the CIO. Partner with IT operations, development teams, and business units to embed security in all projects.

Qualifications:

  • Bachelor's degreein Computer Science,Information Technology, Cybersecurity, or related field. Security certifications preferred (e.g., CISSP, CISM, CEH, CompTIA Security+, CCSP).
  • Atleast 3+ years of relevant work experience as information security roles, with strong exposure to security architecture or engineering.
  • Hands-on experience with security technologies (firewalls, SIEM, endpoint security, vulnerability scanners).
  • Knowledge of cloud security (AWS, Azu1'e), network security, and application security best practices.
  • Proven track record of working within a governance and compliance framework. Skills:
  • Strong analytical, problem-solving, and troubleshooting skills. Excellent communication and documentation abilities.
  • Ability to work independently and collaboratively in a hybrid oversight model.
  • Technical depth in cybersecurity tools and architecture design.
  • Strong understanding of IT infrastructure and software development lifecycle. Risk-based decision-making.
  • Business acumen with the ability to balance security with operational needs.
  • Strong communication skills
  • We are looking for people who can join immediately to 30 days of notice period

Technical Skills Required: (Mandatory)

  • Atleast 3+ years of relevant work experience in information security, with strong exposure to security architecture or engineering.
  • Atleast 3+ Years of relevant work experience in information security roles with strong exposure to security architecture or engineering.
  • Atleast 3+ Years of relevant work experience with security technologies (firewalls, SIEM, endpoint security, vulnerability scanners).
  • Knowledge of cloud security (AWS, Azure), network security, and application security best practices.
  • Technical depth in cybersecurity tools and architecture design.
  • Strong understanding of IT infrastructure and software development lifecycle

Note:

This is a permanent full time role

Interested candidates can share your updated resume to with the below details

Name -

Tot Exp -

Rel years of wok exp as Internet Security Engineer (IT) -

Rel years of work exp in Information Security Engineering -

Rel years of work exp in Information security -

Rel years of work exp in security architecture or engineering -

Rel years of work exp in security technologies (firewalls, SIEM, endpoint security, vulnerability scanners) -

Rel years of work exp in cloud security (AWS, Azure) -

Rel years of work exp in network security -

Rel years of work exp in application security -

Rel years of work exp in cybersecurity tools -

Rel years of work exp in IT infrastructure-

Rel years of work exp in software development lifecycle -

Rel years of work exp in architecture design -

Notice period (in days) -

Current location -

Mob No -

Email id -

Current salary (in per month Kenyan Shillings) -

Expected salary ECTC (In per month Kenyan Shillings) -

Any offers on hand -

Certification if any -

Reason for leaving or job change -

Nationality -

Kenya ID No/PR ID No -

Date of Birth -

WHY INDSAFRI:

We believe anything is possible We humans have the potential to create and build anything we can imagine. we have walked the entire planet, climbed the greatest mountains, sailed once infinite oceans, inspired by birds we decided to fly, in our once impossible quest for space, now we even float in the outer space. Everything started with a simple belief that something is possible, from simple beginnings, we have come a long way, to building technology that is indistinguishable from magic. And we believe that technology is at its best when it can make people smile. If we do it with all our passion & intelligence, together nothing is impossible. How do we do it? In the future, every business will be a technology company, & the future is now. From food to finance every business is rapidly transforming & embracing cutting-edge technology at its core & good humanistic design at its heart. Indsafri can transform your business for growth, as we have done for numerous organizations big and small, by working as your trusted technology partner and bringing our deep industry experience. If you have a challenging business problem we believe there is always a solution, with the right process, talents & technology anything is possible. The Impact we create: We work with some of the Best Organizations around the world, with a distributed global network of Partners & Talents, using state-of-the-art cutting-edge Technology & High-end Human-Centered Design.

Website

This advertiser has chosen not to accept applicants from your region.

ICITAP Digital Forensic Advisor - Kenya

Amentum

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

Amentum is a premier global services partner supporting critical programs of national significance across defense, security, intelligence, energy, and environment. Amentum draws from a century-old heritage of operational excellence, mission focus, and successful execution underpinned by a strong culture of safety and ethics. Headquartered in Chantilly, VA., Amentum employs more than 50,000 people on all seven continents.
Amentum is supporting the U.S. Department of Justice (DOJ) in providing specialized training, advisory and mentoring services to host nations under the Criminal Division's International Criminal Investigative Training and Assistance Program (ICITAP).  is a cornerstone of America's global strategy for combating transnational crime, terrorism, countering trafficking in persons, establishing rule of law and enhancing human rights in developing countries.  Amentum is the contract service provider to the DOJ ICITAP and Overseas Prosecutorial Development, Assistance and Training (OPDAT) programs. 
**Please Note: This is an Independent Contractor position with Amentum, it should not be considered an employment relationship with Amentum.**
**POSITION SUMMARY:**
Amentum is currently seeking a qualified candidate to serve as Digital Forensic Advisor in Nairobi, Kenya. This position will be responsible for mentoring host-country experts on training, techniques and procedures in the area of digital forensics
**JOB DUTIES AND RESPONSIBILITIES:**
The Forensic Digital Evidence Advisor is the principal subject matter expert in mobile digital and computer evidentiary analysis. The advisor mentors host-country experts on training, techniques and procedures used in the collection, preservation, examination, analysis, and court production of digital evidence with an emphasis on ISO/IEC 17020 and/or 17025 accreditation requirements. The advisor will mentor host-country experts on understanding operating systems such as Windows, Macintosh, Linux or UNIX, and DOS and conducting examinations on compromised computers and servers. The advisor will train on information systems security; network architecture; general database concepts; document management; hardware and software troubleshooting; electronic mail systems, such as Exchange; Microsoft Office applications; intrusion tools; and computer forensic tools. The advisor may be required to conduct advanced training related to conducting security assessments, penetration testing, link analysis, and ethical hacking. The advisor will also advise host country officials on the use, calibration, maintenance and testing of equipment associated with digital or computer analysis (such as EnCase, Access Data, Cellebrite, and FTK) as well as best practices for digital or computer evidence exploitation, database, analysis reports and chain of custody records management. The advisor will also work with various US officials from Departments of State (DoS) and Justice (DOJ). Duties also include facilitating meetings; leading working groups; developing reports and specialized papers; reviewing and editing policies; and conducting briefings.
**REQUIRED SKILLS AND QUALIFICATIONS:**
(Superior experience in critical areas may be substituted for other areas at DOJ discretion)
+ Minimum of 10 years of criminal justice experience progressively increasing responsibilities involving complex cases;
+ Minimum of 5 years of related digital evidence/cybercrime experience;
+ Bachelor's degree from a US Department of Education recognized institution;
+ Ability to obtain and maintain a Public Trust certification from the U.S. DOJ.
**DESIRED QUALIFICATIONS:**
+ Certified Computer Forensic Examiner (CCFE) through the Information Assurance Certification Review Board (IACRB), or equivalent;
+ Experience supervising or managing digital evidence activities;
+ Demonstrated experience in QA/QC inspections and validation for forensic facilities or working in an ISO 17025 or 17020 accredited facility;
+ Continuing education demonstrated through publications, presentations, coursework, internships, or certifications; and,
+ Language and foreign service skills/experience;
+ Experience training or advising foreign officials;
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters ( .
This advertiser has chosen not to accept applicants from your region.

Principal Security Operations Center (SOC) Analyst

00100 Abothuguchi West KES480000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly experienced and analytical Principal Security Operations Center (SOC) Analyst to lead their remote cybersecurity efforts. In this critical role, you will be at the forefront of detecting, analyzing, and responding to security threats across the organization's digital infrastructure. You will leverage advanced tools and techniques to monitor for suspicious activities, conduct in-depth investigations, and develop strategic recommendations to enhance the overall security posture.

Key responsibilities include leading the analysis of security alerts generated by SIEM, IDS/IPS, EDR, and other security tools. You will perform forensic analysis of security incidents, identify root causes, and develop remediation plans. This role involves developing and refining threat detection rules, playbooks, and incident response procedures. You will also mentor and guide junior SOC analysts, conduct threat hunting exercises, and stay abreast of the latest cybersecurity threats, vulnerabilities, and mitigation strategies. Collaboration with IT infrastructure, application development, and compliance teams is essential to ensure a holistic approach to security. Experience in creating detailed incident reports and presenting findings to senior management is required.

The ideal candidate will possess a Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, with a minimum of 7 years of experience in security operations, incident response, or threat intelligence. Extensive experience with SIEM platforms (e.g., Splunk, QRadar, Azure Sentinel), EDR solutions, and network security monitoring tools is mandatory. Certifications such as CISSP, GSEC, GCIA, or equivalent are highly desirable. Proven experience in digital forensics, malware analysis, and advanced persistent threat (APT) investigation techniques is required. Strong scripting skills (e.g., Python, PowerShell) for automation and analysis are a significant advantage. Excellent analytical, problem-solving, and communication skills are essential for this leadership role in a remote setting. This position allows you to make a significant impact from Nairobi, Nairobi, KE .
This advertiser has chosen not to accept applicants from your region.

Remote Senior Information Security Analyst - Threat Intelligence

40100 Kisumu KES80000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly experienced Remote Senior Information Security Analyst specializing in Threat Intelligence to join their elite cybersecurity team. This fully remote role is paramount in identifying, analyzing, and mitigating advanced cyber threats facing the organization. You will be responsible for monitoring threat landscapes, developing threat intelligence reports, and providing actionable insights to enhance our defensive capabilities. The ideal candidate possesses deep technical expertise, exceptional analytical skills, and a proactive approach to safeguarding digital assets.

Responsibilities:
  • Monitor and analyze global threat intelligence feeds, identifying emerging threats, vulnerabilities, and attack vectors.
  • Develop and maintain comprehensive threat intelligence reports, providing actionable insights to security operations and incident response teams.
  • Conduct in-depth research on threat actors, their tactics, techniques, and procedures (TTPs).
  • Utilize various security tools and platforms (SIEM, EDR, TIP) to detect and analyze malicious activity.
  • Develop and implement threat hunting strategies to proactively identify and neutralize threats within the network.
  • Create and refine security alerts and detection rules based on threat intelligence findings.
  • Collaborate with incident response teams to provide context and support during security incidents.
  • Contribute to the development and improvement of security policies, procedures, and standards.
  • Stay current with the latest cybersecurity trends, threats, and technologies.
  • Present findings and recommendations to technical and non-technical stakeholders.
  • Mentor junior security analysts and share knowledge across the team.
Qualifications:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • Minimum of 7 years of experience in information security, with a strong focus on threat intelligence and analysis.
  • In-depth knowledge of cybersecurity principles, attack methodologies, and threat actor TTPs.
  • Proficiency with threat intelligence platforms, SIEM tools, EDR solutions, and other security technologies.
  • Experience with scripting languages (e.g., Python) for automation is a plus.
  • Strong analytical, research, and problem-solving skills.
  • Excellent written and verbal communication skills, with the ability to produce clear and concise reports.
  • Ability to work independently and manage multiple priorities effectively in a remote setting.
  • Relevant security certifications such as CISSP, GIAC, or CEH are highly desirable.
This is a crucial role within our client's cybersecurity framework, offering the flexibility of a fully remote position. If you are a passionate cybersecurity professional dedicated to staying ahead of threats, we encourage you to apply.
This advertiser has chosen not to accept applicants from your region.

Remote Senior Penetration Tester - Application Security

20200 Mwembe KES90000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly skilled and experienced Remote Senior Penetration Tester with a focus on application security to bolster their cybersecurity defenses. This fully remote position is integral to proactively identifying and mitigating security vulnerabilities within web applications, APIs, and mobile platforms. You will be responsible for conducting in-depth penetration tests, simulating real-world attacks, and providing comprehensive reports with actionable remediation strategies. The ideal candidate possesses a deep understanding of application security principles, extensive hands-on testing experience, and a relentless drive to uncover security weaknesses.

Responsibilities:
  • Conduct thorough penetration tests on web applications, APIs, and mobile applications to identify security vulnerabilities.
  • Develop and execute comprehensive test plans, methodologies, and scripts.
  • Utilize a variety of security tools and techniques to simulate attacks and exploit vulnerabilities.
  • Perform security code reviews and analyze application architecture for potential security flaws.
  • Document findings meticulously, including the severity of vulnerabilities, potential impact, and detailed remediation recommendations.
  • Communicate technical findings effectively to both technical and non-technical audiences through written reports and presentations.
  • Stay abreast of the latest application security threats, vulnerabilities, and testing techniques.
  • Collaborate with development teams to advise on secure coding practices and assist in the remediation process.
  • Contribute to the continuous improvement of the penetration testing program and methodologies.
  • Mentor junior penetration testers and share knowledge across the security team.
  • Maintain ethical standards and confidentiality in all testing activities.
Qualifications:
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
  • Minimum of 7 years of experience in application security penetration testing.
  • Proven expertise in identifying and exploiting common web application vulnerabilities (e.g., OWASP Top 10).
  • Proficiency with penetration testing tools such as Burp Suite, OWASP ZAP, Nmap, Metasploit, and others.
  • Strong understanding of application security principles, secure coding practices, and common development frameworks.
  • Experience with API security testing and mobile application security assessments.
  • Excellent analytical, problem-solving, and reporting skills.
  • Ability to work independently, manage time effectively, and meet project deadlines in a remote environment.
  • Relevant security certifications such as OSCP, CEH (with AppSec focus), or GWAPT are highly desirable.
This critical role offers the advantage of a fully remote setup, allowing you to contribute your specialized skills to safeguarding our client's digital assets from anywhere.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Architect (Remote)

20200 Kapsuser KES400000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly experienced and strategic Senior Information Security Architect to lead the design and implementation of robust security solutions for their global infrastructure. This is a fully remote position, allowing you to operate from anywhere. The ideal candidate will possess deep expertise in cybersecurity principles, threat landscapes, and architectural design, with a proven ability to build secure, resilient systems. You will be responsible for defining security standards, evaluating new technologies, and developing roadmaps to protect sensitive data and critical assets from evolving cyber threats.

Key Responsibilities:
  • Design, develop, and maintain secure enterprise-level architectures for networks, applications, and cloud environments.
  • Develop and enforce security policies, standards, and best practices across the organization.
  • Conduct comprehensive security risk assessments, vulnerability analyses, and penetration testing.
  • Evaluate and recommend security technologies, tools, and services to enhance the organization's security posture.
  • Develop security roadmaps and strategic plans to address current and future threats.
  • Collaborate with IT and business teams to integrate security considerations into the system development lifecycle (SDLC) and project planning.
  • Lead incident response planning and contribute to incident management activities.
  • Provide expert guidance on data protection, privacy regulations (e.g., GDPR, CCPA), and compliance frameworks.
  • Mentor junior security professionals and contribute to the development of a strong security culture.
  • Stay current with the latest cybersecurity threats, trends, and mitigation strategies.
  • Develop and deliver security awareness training programs.

Qualifications:
  • Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field.
  • Minimum of 8 years of progressive experience in information security, with a strong focus on security architecture and design.
  • Extensive knowledge of network security, application security, cloud security (AWS, Azure, GCP), endpoint security, and cryptography.
  • Proficiency in security frameworks such as NIST, ISO 27001, and CIS Controls.
  • Experience with security assessment tools and techniques.
  • Relevant security certifications such as CISSP, CISM, or SANS GIAC certifications are highly desirable.
  • Excellent analytical, problem-solving, and strategic thinking skills.
  • Superior communication and presentation skills, with the ability to explain complex security concepts to both technical and non-technical audiences.
  • Proven ability to work independently and lead projects in a remote environment.
  • Experience in threat modeling and risk management.
This is a critical role for safeguarding our client's digital assets and ensuring business continuity. Your expertise will be vital in protecting systems that have implications for **Kericho, Kericho, KE**, and beyond, all while working remotely. Join a leading organization dedicated to cybersecurity excellence.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Information security Jobs in Kenya !

Remote Information Security Analyst

10000 Ngong KES130000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a vigilant and skilled Remote Information Security Analyst to safeguard their digital assets and ensure the integrity, confidentiality, and availability of their information systems. This role is crucial for identifying and mitigating security threats, responding to incidents, and implementing robust security measures. As a fully remote position, you will work closely with the IT and security teams to monitor networks, conduct vulnerability assessments, and develop security policies and procedures. The ideal candidate will possess a strong understanding of cybersecurity principles, threat landscapes, risk management, and security technologies. You will be adept at analyzing security logs, investigating suspicious activities, and recommending proactive solutions to enhance our security posture. This position requires exceptional analytical abilities, a detail-oriented mindset, and the capacity to respond effectively to security incidents. You will be instrumental in ensuring our organization remains protected against evolving cyber threats, operating autonomously and communicating findings clearly to stakeholders.

Key Responsibilities:
  • Monitor security alerts and logs to detect and respond to potential security threats and incidents.
  • Conduct regular vulnerability assessments and penetration testing on systems and applications.
  • Develop and implement security policies, procedures, and best practices.
  • Investigate security breaches and other cybersecurity incidents, performing root cause analysis.
  • Recommend and implement security controls and solutions to mitigate identified risks.
  • Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
  • Develop and deliver security awareness training to employees.
  • Manage and maintain security tools and technologies (e.g., firewalls, intrusion detection systems).
  • Collaborate with IT teams to ensure secure system configurations and network architecture.
  • Document security procedures, incident response plans, and system configurations.
Qualifications:
  • Bachelor's degree in Information Security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CompTIA Security+) are highly valued.
  • Minimum of 4 years of experience in information security, cybersecurity, or a related role.
  • Strong understanding of network security, system security, cryptography, and risk management.
  • Experience with security tools such as SIEM, IDS/IPS, firewalls, and endpoint security solutions.
  • Proficiency in analyzing security logs and identifying suspicious activity.
  • Excellent problem-solving and analytical skills.
  • Strong written and verbal communication skills, with the ability to explain technical concepts clearly.
  • Ability to work independently and manage time effectively in a remote environment.
  • Knowledge of security frameworks and compliance standards (e.g., ISO 27001, NIST).
This is an excellent remote opportunity for a dedicated Information Security Analyst to contribute to protecting critical infrastructure and data.
This advertiser has chosen not to accept applicants from your region.

Principal Information Security Engineer

20100 Mwembe KES1100000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly skilled and experienced Principal Information Security Engineer to lead and advance their cybersecurity initiatives. This is a fully remote position, allowing top talent to contribute from anywhere.

Responsibilities:
  • Design, implement, and manage advanced information security systems and solutions to protect organizational assets from cyber threats.
  • Develop and maintain the company's information security strategy, policies, and procedures.
  • Conduct comprehensive risk assessments and vulnerability analyses, identifying potential security weaknesses.
  • Lead incident response efforts, including investigation, containment, eradication, and recovery from security breaches.
  • Evaluate and implement security technologies such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.
  • Develop and deliver security awareness training programs to employees.
  • Ensure compliance with relevant industry regulations and standards (e.g., ISO 27001, GDPR).
  • Collaborate with IT and other departments to integrate security into all aspects of system design and development.
  • Stay abreast of the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
  • Provide expert guidance and mentorship to junior security engineers and IT staff.
  • Manage relationships with security vendors and service providers.
  • Develop and execute security architecture reviews and penetration testing programs.

Qualifications:
  • Master's degree in Computer Science, Information Security, or a related field.
  • Minimum of 8 years of progressive experience in information security engineering and management.
  • In-depth knowledge of network security, application security, cloud security, and cryptography.
  • Proven experience in designing and implementing robust security architectures.
  • Hands-on experience with various security tools and technologies (e.g., SIEM, EDR, vulnerability scanners).
  • Strong understanding of incident response procedures and forensic analysis.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Exceptional communication and leadership abilities.
  • Ability to work independently and manage complex projects in a remote setting.
  • Relevant security certifications such as CISSP, CISM, OSCP are highly preferred.
  • Experience in the Information Security sector is paramount.
This is a crucial role for a seasoned security professional to shape and protect our client's digital landscape, working remotely from **Naivasha** or any other approved location.
This advertiser has chosen not to accept applicants from your region.

Senior Information Security Analyst - Remote

80200 Shella KES4800000 Annually WhatJobs

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their growing team. This role will be based in **Malindi, Kilifi, KE**, with a hybrid work arrangement, offering a blend of in-office collaboration and remote flexibility. The ideal candidate will have a strong understanding of cybersecurity principles, threat landscape, and incident response. You will be responsible for monitoring security alerts, identifying potential threats, and implementing appropriate security measures to protect the organization's assets. Key responsibilities include conducting vulnerability assessments, penetration testing, and security audits. You will also develop and maintain security policies, procedures, and documentation. The Senior Information Security Analyst will play a crucial role in incident response, leading investigations, and coordinating remediation efforts. Collaboration with IT teams, business units, and external partners is essential to ensure a comprehensive security posture. Staying current with emerging threats and security technologies is paramount. This position offers an excellent opportunity to contribute to the cybersecurity strategy of a dynamic organization and advance your career in a challenging and rewarding environment.

Responsibilities:
  • Monitor and analyze security alerts from various security tools (SIEM, IDS/IPS, EDR).
  • Identify, investigate, and respond to security incidents and breaches.
  • Conduct vulnerability assessments, penetration testing, and security audits.
  • Develop, implement, and maintain security policies, procedures, and standards.
  • Recommend and implement security enhancements and controls.
  • Manage security awareness training programs for employees.
  • Stay updated on the latest cybersecurity threats, vulnerabilities, and trends.
  • Collaborate with IT teams to ensure secure system configurations and network infrastructure.
  • Participate in security architecture reviews and provide input on new technologies.
  • Assist in the development and testing of the organization's disaster recovery and business continuity plans.
Qualifications:
  • Bachelor's degree in Information Security, Computer Science, IT, or a related field.
  • Minimum of 5 years of experience in information security, cybersecurity operations, or incident response.
  • Strong knowledge of network security, endpoint security, cloud security, and cryptography.
  • Experience with SIEM, IDS/IPS, EDR, and vulnerability management tools.
  • Understanding of security frameworks such as NIST, ISO 27001, or SOC 2.
  • Relevant certifications such as CISSP, CISM, CEH, or Security+ are highly desirable.
  • Excellent analytical, problem-solving, and critical thinking skills.
  • Strong communication, documentation, and reporting abilities.
  • Ability to work effectively both independently and as part of a team.
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Information Security Jobs