Senior, Cyber Security Architect

The Cyber Security Architect role is responsible for defining, analyzing and periodically reviewing the cyber security strategy and roadmap based on the ever-evolving threat landscape and ensure risks identified are adequately mitigated. He/she will also architect and design cyber security systems in line with best practices to ensure they meet all requirements including adequate security, capacity and performance.

Reporting to the Senior Manager, Cyber Security Strategy & Design, the successful candidate will lend support in ensuring all new and existing systems/products/services are designed and implemented in a secure manner to avoid or mitigate any risks/security threats encountered.

Job Responsibilities 

• Define, analyze and periodically review the cyber security strategy and roadmap based on the evolving threat landscape and ensure risks identified are mitigated
• Architect and design cyber security systems in line with best practices to ensure they meet user requirements including adequate security, capacity and performance.
• Define cyber security requirements and acceptance criteria for new systems
• Draft and evaluate RFIs/RFPs
• Liaise with Supply Chain in the procurement process
• Do the technical evaluations and PoCs (Ops team should also be involved in this)
• Select the best solution and present to the investment governance board
• Ensure all vendors have up-to-date contracts (contract management)
• Implement, Test, Deploy and Commission new systems                         
• Ensure proper change management and system handover processes are followed
• Recommend major upgrades where required and liaise with the operations team when doing the upgrades especially if it affects the design/architecture of the system
• Ensure all security technology and processes implemented are continually improved to maximize on their returns/benefits
• Manage all aspects of projects and vendor related issues in line with best practices
• Define metrics and report periodically that clearly demonstrate return on security investment (ROSI)
• Conduct research and development on new areas in security and present on them for sensitization and knowledge transfer to other team members/staff                                               
• Ensure all security systems implemented have high availability and disaster recovery in accordance with best practices

Qualifications 

• Degree in Information Security/Computer Science/Information Technology or other relevant Technical Degree
• Information security certifications e.g. CISSP, CISM, CISA, Comptia Security+
• Advanced Networking certifications e.g. CCNA, CCNP, Comptia Network+
• Certifications in Microsoft Windows and Linux/Unix Operating Systems e.g. Redhat, LPI, Comptia Linux+
• Demonstrate competency in the implementation and administration of various security tools e.g. Firewalls, Intrusion Prevention systems, Web application firewalls, Anti-DDOS, Antivirus, DLP etc

Skills and Experience

• Minimum of 2 years’ experience in implementing and administering Cyber Security tools – e.g. Firewalls, Intrusion Prevent Systems, Web Application Firewalls, Content Filters, Endpoint protection, Data Leakage Prevention etc…
• Minimum of 2 years’ experience in IT Networks e.g.  Cisco, Fortinet, Checkpoint, Huawei etc
• Minimum of 2 years’ experience with various Operating Systems e.g. Windows, Linux, Unix etc
• Working knowledge of web technologies e.g. cPanel, Apache, PHP, Joomla, Wordpress and ASP will be an added advantage
• Working knowledge of databases e.g. Oracle, MSSQL, MySQL, Postgress SQL will be an added advantage
• Working knowledge of Virtualization Technologies e.g. VMWare, Openshift, Open Stack will be an added advantage
• Working knowledge and experience in DevOps and Microservices technologies i.e. Docker, Kubernetes, Jenkins, Gitlab/Github etc… will be an added advantage
• Working knowledge of Mobile and GSM technologies e.g. Android, IOS, 2G, 3G, LTE, USSD etc… will be an added advantage
• Working knowledge of encryption technologies e.g. PKI, HSM, PGP will be an added advantage

How to Apply. 

If you feel that you are up to the challenge and possess the necessary qualification and experience, kindly proceed to create/ update your candidate profile on the recruitment portal and then Click on the apply button. Remember to attach your resume

.

.

We are the leading telecommunication company in East Africa. Our purpose is to transform lives by connecting people to people, people to opportunities and people to information. We keep over 42 million customers connected and play a critical role in the society, supporting over one million jobs both directly and indirectly while our total economic value was estimated at KES 362 Billion ($ 3.2 billion) for the 12 months through March 2021. We are listed on the Nairobi Securities Exchange (NSE) and with annual revenues of close to KES 298 Billion ($2.5 billion) as at March 2022. We were founded in 1997 as a fully owned subsidiary of Telkom Kenya before a 40 percent acquisition by Vodafone Group PLC in May 2000, and a public offering of 25 percent shares through the NSE in 2008. Under the management of Vodafone Group PLC, we welcomed Michael Joseph, as our first CEO, a few months later in July of 2000. He led the company’s growth to accommodate 16.71 million subscribers from the previous 20,000, largely owing to innovative products like M-PESA in 2007.