Senior, Cyber Security Architect at Safaricom Kenya

Job Description

Senior, Cyber Security Architect at Safaricom Kenya

• The Cyber Security Architect role is responsible for defining, analyzing and periodically reviewing the cyber security strategy and roadmap based on the ever-evolving threat landscape and ensure risks identified are adequately mitigated. He/she will also architect and design cyber security systems in line with best practices to ensure they meet all requirements including adequate security, capacity and performance.
• Reporting to the Senior Manager, Cyber Security Strategy & Design,the successful candidate will lend support in ensuring all new and existing systems/products/services are designed and implemented in a secure manner to avoid or mitigate any risks/security threats encountered.

RESPONSIBILITIES

• Define, analyze and periodically review the cyber security strategy and roadmap based on the evolving threat landscape and ensure risks identified are mitigated
• Architect and design cyber security systems in line with best practices to ensure they meet user requirements including adequate security, capacity and performance.
• Define cyber security requirements and acceptance criteria for new systems
• Draft and evaluate RFIs/RFPs
• Liaise with Supply Chain in the procurement process
• Do the technical evaluations and PoCs (Ops team should also be involved in this)
• Select the best solution and present to the investment governance board
• Ensure all vendors have up-to-date contracts (contract management)
• Implement, Test, Deploy and Commission new systems                         
• Ensure proper change management and system handover processes are followed
• Recommend major upgrades where required and liaise with the operations team when doing the upgrades especially if it affects the design/architecture of the system
• Ensure all security technology and processes implemented are continually improved to maximize on their returns/benefits
• Manage all aspects of projects and vendor related issues in line with best practices
• Define metrics and report periodically that clearly demonstrate return on security investment (ROSI)
• Conduct research and development on new areas in security and present on them for sensitization and knowledge transfer to other team members/staff                                               
• Ensure all security systems implemented have high availability and disaster recovery in accordance with best practices

QUALIFICATIONS

• Degree in Information Security/Computer Science/Information Technology or other relevant Technical Degree
• Information security certifications e.g. CISSP, CISM, CISA, Comptia Security+
• Advanced Networking certifications e.g. CCNA, CCNP, Comptia Network+
• Certifications in Microsoft Windows and Linux/Unix Operating Systems e.g. Redhat, LPI, Comptia Linux+
• Demonstrate competency in the implementation and administration of various security tools e.g. Firewalls, Intrusion Prevention systems, Web application firewalls, Anti-DDOS, Antivirus, DLP etc…

Skills and Experience

• Minimum of 2 years’ experience in implementing and administering Cyber Security tools – e.g. Firewalls, Intrusion Prevent Systems, Web Application Firewalls, Content Filters, Endpoint protection, Data Leakage Prevention etc…
• Minimum of 2 years’ experience in IT Networks e.g.  Cisco, Fortinet, Checkpoint, Huawei etc…
• Minimum of 2 years’ experience with various Operating Systems e.g. Windows, Linux, Unix etc…
• Working knowledge of web technologies e.g. cPanel, Apache, PHP, Joomla, WordPress and ASP will be an added advantage
• Working knowledge of databases e.g. Oracle, MSSQL, MySQL, Postgress SQL will be an added advantage
• Working knowledge of Virtualization Technologies e.g. VMWare, Openshift, Open Stack will be an added advantage
• Working knowledge and experience in DevOps and Microservices technologies i.e. Docker, Kubernetes, Jenkins, Gitlab/Github etc… will be an added advantage
• Working knowledge of Mobile and GSM technologies e.g. Android, IOS, 2G, 3G, LTE, USSD etc… will be an added advantage
• Working knowledge of encryption technologies e.g. PKI, HSM, PGP will be an added advantage.

Senior, Cyber Security Architect at Safaricom Kenya