The job holder is responsible for carrying out cyber security monitoring of the Authority’s IT infrastructure and business systems for malicious activity and/or active threats. The role also involves responding to security incidents including containment, eradication and recovery in the 24/7 Security Operations Centre (SOC).
- Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate potential (or active) threats, intrusions, and/or compromises in the 24/7 SOC.
- Provide timely detection, identification and alerting of possible attacks/intrusions and anomalous activities, and distinguish genuine incidents and events from benign activity.
- Identify cyber attacks targeted at the KRA network and systems, advise on them and block them.
- Triage and investigate active threats, security breaches and other cyber security incidents.
- Perform deep-dive incident analysis by correlating data from various sources. Generate and review event analysis reports of incident investigations.
- Escalate cyber security events according to the Authority’s Cyber Security Incident Response Plan.
- Monitor and gather threat intelligence from the deep web and dark web for potential threats and incidents, and analyze such threats and risks and recommend appropriate mitigating measures.
- Ensure conformity to ISO 9001:2015, ISO 27001:2013 and data security requirements.
- Bachelor’s degree in Computer Science or IT related field.
- Must have at least one of the following certifications or training: CEH, CHFI, ECIH or CISSP, or a certification in a relevant information security solution or in incident response.
- At least one (1) year related IT security work experience in a large or busy organization.
Technical Skills Required
- Experience in cyber security threat analysis
- Experience in incident management
- Experience in digital forensics and malware analysis
- Experience in security tests or vulnerability management
- Penetration testing skills
- Research skills
- Experience in cyber security operations (SOC/CIRT)
- Ability to work long hours, including night shifts
- Analytical mind with problem-solving aptitude
- Excellent listening, communication and presentation skills
- Reliable and thorough with a deep commitment to accuracy
- Self-motivated and able to work independently
- A team player
- Ability to prioritize competing work commitments and deliver on time
How to Apply