National Bank of Kenya
Information Systems Security Administrator
Job Ref No.HR/016/17
Available positions: One (1)
Station: Head Office
Reporting to: Head, Information Systems
Position scope: To plan and carry out security measures to protect the Bank’s computer networks, systems and data.
- Participate in the development and review of Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Implement and monitor compliance with the Bank’s security policies and procedures among employees, contractors, and other third parties and takes corrective action.
- Implement, monitor and perform regular access profile reviews to ensure that appropriate system and information access levels are maintained.
- Conduct Bank-wide data classification assessment and security audits and manage remediation plans
- Ensure the confidentiality and integrity of data at rest or while in transit between end point devices, servers and other systems
- Monitor the Bank’s networks and systems for security breaches and investigate violations when they occur.
- Manage network intrusion detection and prevention systems (Administration of firewalls, Active Directory and data encryption programs)
- Perform vulnerability assessment and penetration testing to simulate attacks to look for vulnerabilities in systems before they can be exploited.
- Implement appropriate mitigants of all significant risks as appropriate.
- Coordinate and execute ICT security projects for the Bank.
- Prepare reports that document attempted and actual security breaches and the extent of the damage caused by the breaches.
- Create, manage and maintain user security awareness.
Skills & Experience:
- Bachelor’s degree in Information Technology.
- CISA, CISSP or related security certifications.
- MCSE, Linux and exposure to web security architecture.
- Certified Ethical Hacker certification an advantage.
- 2 to 5 years of experience in information technology Security.
- Solid knowledge of information security principles and practices.
- Experience with security architectures (Firewalls, Intrusion detection systems, encryption technologies etc).
- Experience in Active Directory administration, Pen testing.
How to Apply:
Send your CV and application letter clearly indicating the position title on the subject line to:
by 10th March 2017.
Only shortlisted candidates will be contacted.