Secure by Design Specialist at Safaricom Telecommunication Ethiopia

Safaricom Telecommunication Ethiopia

Position: Secure by Design Specialist

Job Time: Full-Time

Job Type: Permanent

Place of Work: Addis Ababa, Ababa Abeba - Ethiopia

Posted date: 8 months ago

Deadline: Submition date is over

We are pleased to announce the vacancy for a Secure by Design Specialist within Cyber Security Function. Reporting to the Secure by Design Manager, the successful candidate will lend support in ensuring all new and existing systems/products/services comply with Safaricom’s security policies & standards and other industry best practices e.g. ISO27001, CIS, Internal Cyber Security Baseline standards, etc. The candidate will also provide timely security assurance reports and advice to the business when required even with very tight timelines.

Detailed Description

Reporting to the Senior Specialist: Cyber Security Network & Engineering, the successful candidate will lend support in the design, deployment, day-to-day operation and maintenance of Endpoint Security tools and services and ensure 99.999% uptime.

As an Endpoint Security Specialist, you will play a critical role in protecting an organization's valuable assets and ensuring the confidentiality, integrity, and availability of sensitive information. Your expertise in endpoint security will contribute to maintaining a secure and resilient environment for the organization and its stakeholders.

 Job Responsibilities

• Conduct periodic security reviews, vulnerability assessments & penetration tests across all of Safaricom’s systems/infrastructure
• Ensure all new and existing systems/products/services comply with the Company’s security policies & standards and other industry best practices e.g. ISO27001, CIS and Ethiopia Data Protection Laws
• Provide timely and quality security assurance reports and advice to the business when required even with very tight deadlines
• Do regular follow-ups with system custodians/owners to ensure any security risks identified are addressed within the agreed timelines
• Define Cyber Security metrics and report periodically on security compliance across all networks/systems
• Research on new threats/technologies/vulnerabilities/security design principles etc.
• Working knowledge of Virtualization & Microservices technologies e.g. VMware, Open shift, Kubernetes, Docker etc will be an added advantage
• Working knowledge and experience in DevSecOps technologies and practices i.e. Jenkins, Jira, Github, Gitlab etc will be an added advantage

Qualifications and Educational Requirements

• Degree in Information Security/Computer Forensics/Computer Science/Information Technology or other relevant Technical Degree
• Information security certifications e.g. CEH/CISSP/CISM/CISA/GIAC/CPTP/OSCP
• Advanced Networking certifications: CCNA/CCNP/CCSP/CCIE are also preferred
• Certifications in Microsoft Windows and Linux/Unix Operating Systems
• Demonstrate competency in the use and administration of ethical hacking tools e.g. KALI Linux, Metasploit, Nexpose, Nessus, Nmap, BurpSuite etc…
• Minimum of 3 years working experience in Information Systems Security – e.g. Ethical Hacking, Penetration Testing, Vulnerability Assessments, ICT Audits, Pre-and-Post Implementation System Reviews etc…
• Minimum of 3 years working experience in Networking and Operating Systems e.g. Cisco, Huawei, Windows (All), Unix, Linux etc