Associate Information Security Analyst at NTT Ltd

• Plans, executes and manages complex penetration testing engagements on various IT assets, including networks, applications and databases.
• Conducts simulated cyber-attacks, including social engineering, to identify vulnerabilities and assesses the organization’s resilience to cyber threats.
• Performs penetration tests against internal and external facing systems.
• Analyses and interprets penetration test results and provides detailed reports to relevant stakeholders.
• Provides input to improve the quality and effectiveness of tests in a highly scaled and global environment.
• Articulates complex technical risks through creation of reports and delivering presentations to key stakeholders.
• Works with Security DevOps teams to test the orchestration and automation processes and platforms, feed results into a testing program.
• Supports the assessment risk and the development and/or recommends appropriate mitigation countermeasures based on empirical testing.
• Provides comprehensive technical expertise with web, application and database vulnerability testing.
• Supports the development of the security automation framework and the implementation roadmap.
• Provides actionable security recommendations and mitigation strategies to address identified vulnerabilities.
• Ensures that penetration testing activities align with relevant industry standards, compliance regulations, and best practices.
• Contributes to any security awareness training and education programs to promote a culture of cybersecurity within the
• organization.
• Stays up to date with the latest cybersecurity threats, attack vectors, and defensive technologies to continuously improve

• Good communication skills to effectively convey technical information to non-technical stakeholders.
• Good analytical thinking and problem-solving skills to prevent hacking on a network.
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Understands firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
• Some proficiency with MAC and OS.
• Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR).
• Basic understanding of network and system architecture, protocols, and security controls.
• Ability to analyze security incidents and assess potential risks.
• Ability to work both independently and collaboratively in a fast-paced environment.

• Bachelor’s degree or equivalent in information security, cybersecurity, computer science, or related.
• Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH) are advantageous.

• A minimum of 6 months demonstrated experience in information security or cybersecurity, or related roles.
• Entry level demonstrated experience working in a global IT organization.
• Entry level demonstrated experience with computer network penetration testing and techniques.
• Entry level demonstrated experience with security assessment and vulnerability scanning tools

Jobs in Kenya