I&M Bank Information Security Analyst Job in Kenya

I&M Bank, a regional Bank with a fast growing branch network around the country, is seeking to fill in the following position in ICT Department.

Information Security Analyst

Ref: ISA/7/9/2018

Job Summary: The Job holder will be part of the bank’s management team and will be will be responsible for assessing and monitoring the Bank’s application and digital products, including their network setup and document any security issues or breaches identified for resolution.

Key responsibilities:

The Incumbent will report to the Senior Manager – Information Security and will be responsible for:

  • Performing an oversight role on the security of web/mobile applications and software development activities for digital applications.
  • Maintaining and administering tools necessary to secure end points and provide recommendations for improvements specifically web/mobile application firewalls.
  • Event remediation and incident response activities for web/mobile applications.
  • Recommending security measures and operating the software to protect systems and information infrastructure, including firewalls and data encryption programs.
  • Working with the Cyber Security team to perform tests & uncover network vulnerabilities.
  • Fixing detected vulnerabilities to maintain a high-security standard.
  • Researching on security enhancements on applications and make recommendations to management.
  • Developing and executing formal web/mobile application security test plans to ensure the delivery of quality software applications.
  • Test planning, preparation and communication with relevant departments.
  • Performing web/mobile application attack & penetration (A&P) testing to find security issue such as risks, defects and logical errors on developed applications.
  • Collecting and analyzing security data from manual, automatic and static source code review of web/mobile applications
  • Documenting all web/mobile application related issues and assisting in their resolution prior to application go live.
  • Delivery of security training and education to technical staff with findings and acts as an internal security consultant to advise or influence business or technical partners.
  • Maintaining suitable knowledge of threats, risk assignment, remediation strategies, security tools, testing techniques, and security research
  • Understanding of Web/mobile Services technologies such as XML, SOAP, and SAML

Qualifications and Competencies:

  • Bachelor’s degree in Computer Science, Information Technology or Equivalent from a recognized institution.
  • A security certification including but not limited to CEH, CISA, CISM, OWASP, etc.
  • At least 5 years relevant work experience in conducting web/mobile application security testing of mission critical applications.
  • Knowledge of web/mobile application and application development security testing Processes and Strategies
  • Experience with commercial and open source web/mobile application assessment and auditing packages
  • Secure code review experience using automated toolsets
  • Demonstrated proficiency with CSA controls matrix, OWASP Top 10 and industry standard of web/mobile security and application development security standards
  • Ability to demonstrate understanding of vulnerability remediation
  • Familiarity with malicious code identification and common hacker attack techniques
  • Significant practical knowledge in the following areas:
  • Exploits, vulnerabilities, networks and network attacks
  • Unix, Linux, Windows, operating systems
  • Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
  • Packet analysis and Regular expressions
  • Database structures and queries
  • Excellent communication and interpersonal skills; ability to communicate: write clearly and speak authoritatively to both business and tech audiences
  • Demonstrated critical thinking, analytical and problem solving skills to diagnose and troubleshoot technical issues
  • Strong planning and organization skills;
  • Keeping abreast with latest technology and ability to learn new technologies and concepts quickly
  • Ability to operate within 24 Hour shifts as and when required

If you believe you meet the above requirements, send your application together with a comprehensive curriculum indicating your qualifications, present position, contact and names of three referees.

Your application should reach the below address on or before 14th September 2018.

Please quote the reference number followed by the position applied for in the application

The General Manager-Human Resources
I&M Bank Limited
I&M Tower, Kenyatta Avenue
P.O Box 30238 – 00100, Nairobi

Or email: recruit@imbank.co.ke (preferred)

Only short listed candidates will be contacted.

Canvassing will lead to automatic disqualification.

Job Summary:
Job Title
Job Category
Job Type
Company / Organization
Approx. Salary
Job Opening Date
Job Expiry Date
Job Details
Job Location

Nairobi, Kenya

Nairobi County

ICT and Technology
Updated: September 13, 2018 — 6:32 am