Job Purpose:

To implement and maintain our security systems by preventing unauthorized access to our data and responding to privacy breaches.

Duties and Responsibilities include:

• Conduct compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
• Design and implement safety measures and data recovery plans
• Document systems, processes and controls using narratives, flow charts, data flow diagrams, etc.
• Understand and communicate the downstream impact on the business of control deficiencies.
• Advise and collaborate on projects by providing IT controls and risk expertise and considerations
• Analyse IT specifications to assess security risks.
• Install, configure and upgrade security software/applications.
• Secure networks through firewalls, password protection and other systems
• Inspect hardware for vulnerable points of access
• Monitor network activity to identify issues early and communicate them to IT teams
• Act on privacy breaches and malware threats • Serve as a security expert and conduct trainings when needed
• Draft security policies and guidelines
• Completes audit work papers by documenting audit tests and findings
• Collaborate with control owners to implement process changes and track to completion
• Implementation of IT security strategy

Education Requirements:

• Bachelor’s degree in information security, Computer Science, IT, or a related field; or equivalent professional experience.
• Industry-recognized security certifications such as Cisco Security (CCNP Security, CCIE Security), OSCP, SSCP, CEH, CISSP, GIAC certifications, Microsoft Azure Security Engineer Associate, Microsoft Certified: Cybersecurity Architect Expert, or similar.

Work Experience:

• 4+ years’ experience in cyber security analysis, security engineering, or a similar role.
• Hands-on experience with SIEM platforms, endpoint security, and vulnerability and patch management tools
• Clear understanding of compliance requirements in financial services or regulated sectors.
• 2 years in a Supervisory role will be of added advantage.

Key Competences:

• Network and System Security: Demonstrated experience in securing enterprise networks, systems, and endpoints, including firewall configuration, network segmentation and monitoring.
• Identity and Access Management (IAM): Hands-on experience implementing and managing SSO, MFA, and PAM solutions.
• Vulnerability and Patch Management: Proven ability to identify, prioritize, and close vulnerabilities using automated tools, with a strong understanding of patch lifecycle processes.
• Security Assessments and Penetration Testing: Experience in conducting or coordinating vulnerability assessments, penetration tests, and remediation tracking to ensure system resilience.
• Cloud and Application Security: Experience in securing cloud platforms and applications.
• Security Monitoring and Incident Response: Practical experience using NDR and SIEM tools, threat detection, incident investigation, and forensic analysis.
• Compliance and Risk Management: Working knowledge of ISO 27001, NIST, GDPR, and related frameworks, with the ability to translate compliance into operational controls.
• Analytical and Problem-Solving: Ability to conduct threat intelligence, risk assessments, and provide actionable security insights.
• Communication and Collaboration: Strong skills in explaining security concepts, leading awareness sessions, and coordinating across teams.
• Automation and Innovation: Experience with scripting (Python, PowerShell) and familiarity with Zero Trust architectures and automation in security processes.

• Bachelor’s degree in information security, Computer Science, IT, or a related field; or equivalent professional experience.
• Industry-recognized security certifications such as Cisco Security (CCNP Security, CCIE Security), OSCP, SSCP, CEH, CISSP, GIAC certifications, Microsoft Azure Security Engineer Associate, Microsoft Certified: Cybersecurity Architect Expert, or similar.
• 4+ years’ experience in cyber security analysis, security engineering, or a similar role.
• Hands-on experience with SIEM platforms, endpoint security, and vulnerability and patch management tools
• Clear understanding of compliance requirements in financial services or regulated sectors.
• 2 years in a Supervisory role will be of added advantage.