JOB REF NO:
• The Information Security Analyst reports to the Head
of Information Risk Management and is responsible for the
design, implementation and maintenance of effective systems
• S/he will also investigate and resolve identified
systems security breaches, create comprehensive maintenance
of information security policies, standards, guidelines and
procedures and monitor for compliance in line with the organization’s
IT security policy and applicable laws.
• The successful candidate in collaboration with the
Information Technology Services (ITS) Systems Support team,
will also monitor, assess, and fine-tune the IT business continuity
and disaster recovery program, perform network penetration
tests, application vulnerability assessment scans and risk
• This is a senior opening which provides an opportunity
to work with a team of talented technical skills in transforming
a leading Emerging Markets Operations in the Financial Services
sector, positioning it for growth and leadership within its
region, by actively working to achieve the enterprise security
goals of the establishment.
The successful candidate will be expected
to have aptitudes, skills, knowledge and experience on the
• Extensive experience in enterprise security architecture
design and enterprise security document creation.
• Solid knowledge of information security principles
• Working experience with intrusion detection systems
• Installation, configuration, monitoring and response
to security system
• Understanding of advanced security protocols and standards
• Experience with IP networking, networking protocols,
IPSec, VPN's, firewalls, proxy services, DNS, email, access
• Experience with internet, web, application and network
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks
in a high-pressure environment.
• Good written, oral, and interpersonal communication
• Ability to conduct research into IT security issues
and products as required.
• Ability to present ideas in business-friendly and
• Experience in designing and delivering employee security
• Highly self motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative
• Experience with software and security architectures
• Proactively assesses potential items of risk and opportunities
of vulnerability in the network
• Experience with security practices of Intranet and
• Support day-to-day administration of various firewalls
• Knowledge management
• Entrepreneurially minded
• A good bachelor’s degree in Science, Electronic
Engineering or any related discipline.(B.Sc degree in Computer
Science, Engineering discipline, Mathematics or Physics will
be a distinct advantage)
• Experience within the Financial Services sector will
be a distinct advantage
• Experience in managing/working with senior stakeholders
will be a distinct advantage
JOB FUNCTION :
• Monitor and advise on information security
issues related to the systems and workflow to ensure the internal
security controls are appropriate and operating as intended.
• Coordinate response to information security incidents.
• Conduct data classification assessment and security
audits and manage remediation plans.
• Collaborate with IT management, the legal department,
and other stakeholders to manage security vulnerabilities.
• Participate in projects from outset, ensuring Information
Security principles are built into the design and implementation
from the outset
• Perform the deployment, integration and initial configuration
of all new security solutions and of any enhancements to existing
security solutions in accordance with standard best operating
procedures generically and the enterprise’s security
• Create, manage and maintain user security awareness.
• Conduct security research in keeping abreast of latest
• Pro-actively take steps to avoid security breaches
• Maintain up-to-date detailed knowledge of the IT security
industry including awareness of new or revised security solutions,
improved security processes and the development of new attacks
and threat vectors.
• Recommend additional security solutions or enhancements
to existing security solutions to improve overall enterprise
• Prepare IT security documentation, including information
security policies, procedures, standards and guidelines based
on compliance requirements and knowledge of best practices.
The Information Security Analyst will:
• Lead the planning and design activities for the enterprise
security architecture, under the directives of the Head, Information
• Participate in the creation of enterprise security
documents (policies, standards, baselines, guidelines and
procedures) in collaboration with other team heads in the
Information Risk Management unit.
• Provide leadership and work guidance to members of
the Information Security team.
- The post holder will be expected to work actively to achieve
enterprise security goals within a set of resource constraints.
S/he will need to:
• Have the ability to think logically and analyse
complex situations for effective, sometimes out of the box
• Work with all stakeholders to develop strategic
solution options and delivery plans
- The Information Security analyst will be expected to have
excellent communication skills and experience in working
with sponsors and other members of the business. The following
points illustrate this:
• Communication and visibility of all critical issues
and their status and service restore plans
• Define team member roles and expectations, and ensure
• Communicate the technology vision and service improvement
plans to internal and external stakeholders
- The operational scope of the post holder is underscored
by the following functions
• Identify security risks, threats and vulnerabilities
of networks, systems, applications and
new technology initiatives.
• Provide technical support in the development, testing
and operation of firewalls, intrusion-
detection systems, enterprise anti-virus and other automation
• Ensure the confidentiality, integrity and availability
of the data residing on or transmitted
through the organization’s workstations, servers ,
systems through databases and
other data repositories.
• Ensure active compliance with information security
• Maintain up-to-date baselines for the secure configuration
and operations of all in-place
devices, (i.e., security tool, workstations, servers, network
• Maintain operational configurations of all in-place
security solutions as per the established
• Review logs and reports of all systems and devices
• Participate in the design and execution of vulnerability
assessments, penetration tests and
• security audits.
• Provide on-call support for end users for all in-place
- The post holder will need good people skills including
• Build and maintain relationships with the overall
team and stakeholders.
• Coach, mentor, appraise and develop team members
• 5 or more years experience in network, host,
data, application, O/S systems enterprise environment as an
IT Security Analyst, Information Assurance Analyst or Information
• 3 or more years experience in leading technical teams
knowledge of configuring and maintaining at least one leading
corporate firewall solution
• Cisco certification (CCNA, CCNP) would be a distinct
• Desired Technical Knowledge: UNIX, AIX, Linux, Cisco
Network IDS, Cisco Host-based IDS, DES encryption, Digital
Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security
architecture, mySQL, subversion, SpamAssassin, Nmap, Nikto,
METHOD OF APPLICATION
Candidate who meet the above requirement should email their
resume to firstname.lastname@example.org
PLEASE, STATE THE POSITION YOU ARE APPLYING FOR IN
THE SUBJECT FIELD OF THE MAIL.