Principal Security Analyst at Kenya Power
Kenya Power
- Kenya
- Permanent
- Full-time
We have the largest Job seeker visits by alexa rankings.
- Company:
- Location: Kenya
- State:
- Job type: Full-Time
- Job category:
- Primarily responsible for leading and managing a SOC team, and ensuring that security incidents are correctly identified, analyzed, defended, investigated, and reported.
- Monitor and analyze activity on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.
- Perform threat management & threat modelling, identify threat vectors and develop use cases for security monitoring.
- Ensure continuous integration of logs from technology assets into the SIEM to meet the security use cases.
- Manage the cyber incident response plan.
- Respond to incidents in accordance with the incident response plan.
- Effective communication and escalation during incident response.
- Focal point of contact for cyber incidents.
- Continuous improvement of the response plan.
- Develop and maintain the required Information Security policies, procedures and standard operating procedures (SOPs) in relation to the SOC and incident response, to strengthen the current Security Operations.
- Develop regular metrics, dashboards and reports for SOC operations for various stakeholders (IT Leadership, Senior Management.
- Develop SOC performance management tools.
- Ensure compliance to SLA and process adherence to achieve operational objectives.
- Leadership, mentorship and performance management for direct reports.
- Work closely and maintain a positive working relationship with internal teams and outsourced partners in the remediation actions of incidents within SLA.
- Direct and supervise the work of personnel and/or contractors assigned to the department.
- Bachelor's Degree in, Information Systems, Computer Science, Information Security or related field required.
- Seven (7) years' Technical Experience in a busy IT Environment with good understanding of all fields of IT and an appreciation for emerging technologies.
- Relevant certifications in Information Security knowledge areas, such as security monitoring, threat intelligence, Information Security Management and Ethical Hacking.
- Experience in security device management, and in SIEM, IPS/IDS, DLP, Active Directory and other security technologies.
- In-depth familiarity with security policies based on industry standards and best practices
- Strong knowledge of technical infrastructure including operating systems, networks, databases, middleware etc., to address the threats against these technologies
- Strong Knowledge of: End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Data Loss Prevention (DLP),Identity and Access Management (IAM)
- Proficient in reports, dashboards and documentation preparation
- Knowledge and experience in IT technology platforms across the IT domains.
- Technical skills to effectively perform IS security management activities/tasks in a manner that consistently achieves established quality standards or benchmarks.
- Knowledge and application of modern IS security management practices to proactively define and implement security quality improvements in line with technological and product changes.
- Knowledge and effective application of all relevant Information Security policies, processes, procedures and guidelines to consistently achieve required compliance standards or benchmarks
Jobs in Kenya