We are pleased to announce the vacancy for Endpoint Security Specialist within Cyber Security Function. As an Endpoint Security Specialist, your primary responsibility will be to ensure the protection and security of an organization’s endpoints, including laptops, desktops, servers, applications, and mobile devices. You will play a crucial role in developing and implementing endpoint security strategies, policies, and procedures to mitigate risks and safeguard company data.
Detailed DescriptionReporting to the Senior Specialist: Cyber Security Network & Engineering, the successful candidate will lend support in the design, deployment, day-to-day operation and maintenance of Endpoint Security tools and services and ensure 99.999% uptime.As an Endpoint Security Specialist, you will play a critical role in protecting an organization’s valuable assets and ensuring the confidentiality, integrity, and availability of sensitive information. Your expertise in endpoint security will contribute to maintaining a secure and resilient environment for the organization and its stakeholders.Job ResponsibilitiesDevelop and implement endpoint security strategies: Collaborate with cross-functional teams to define and implement effective endpoint security strategies, including antivirus software, firewalls, intrusion detection systems, encryption, and other security measures.Conduct risk assessments: Identify potential security vulnerabilities and conduct risk assessments to evaluate the effectiveness of existing security controls. Recommend and implement appropriate solutions to mitigate risks.Security policy and procedure development: Develop and maintain endpoint security policies, standards, and procedures that align with industry best practices and regulatory requirements. Ensure compliance with relevant security frameworks, such as ISO 27001 or NIST.Security awareness and training: Educate employees on endpoint security best practices, conduct security awareness campaigns, and provide training to enhance their understanding of security risks and how to mitigate them.Vulnerability management: Perform regular vulnerability assessments and manage the remediation process to ensure that endpoints are up to date with security patches and updates.Endpoint security tool administration: Manage and administer endpoint security tools, such as antivirus software, encryption solutions, and intrusion detection systems. Configure, deploy and maintain these tools to ensure optimal protection.Incident reporting and documentation: Maintain accurate incident records, security logs, and documentation related to endpoint security incidents. Prepare reports for management to provide visibility into the effectiveness of endpoint security measures.Troubleshoot and remediate first-line issues impacting Cyber Security operations.Defining, Maintaining, Improving, and Reporting on Operations Metrics. Documents management and mature Cyber Security Processes.Qualifications and Educational RequirementsBachelor’s degree in Computer Science, Information Security, or a related field.Proven experience working as an Endpoint Security Specialist or in a similar role.In-depth knowledge of endpoint security technologies, tools, and industry best practices.Familiarity with security frameworks and regulations, such as ISO 27001, NIST, GDPR, HIPAA or country’s regulation.Strong understanding of network protocols, operating systems, and security architectures.Experience with security incident response and forensic investigation.Excellent analytical and problem-solving skills.Effective communication and interpersonal skills.Relevant certifications, such as CISSP, CISM, CompTIA Security+, and MCSE are highly desirable.Good report writing and communication skills.Experience developing and executing work processes in a fast-paced technical environment.Have excellent analytical and problem-solving skills with attention to detail.Relevant certifications, such as CISSP, CISM, CompTIA Security+, MCSE, RHCE, CISA, CEH are highly desirable.
Position: Secure by Design Specialist
Reporting to the Senior Specialist: Cyber Security Network & Engineering, the successful candidate will lend support in the design, deployment, day-to-day operation and maintenance of Endpoint Security tools and services and ensure 99.999% uptime.
As an Endpoint Security Specialist, you will play a critical role in protecting an organization’s valuable assets and ensuring the confidentiality, integrity, and availability of sensitive information. Your expertise in endpoint security will contribute to maintaining a secure and resilient environment for the organization and its stakeholders.
- Conduct periodic security reviews, vulnerability assessments & penetration tests across all of Safaricom’s systems/infrastructure
- Ensure all new and existing systems/products/services comply with the Company’s security policies & standards and other industry best practices e.g. ISO27001, CIS and Ethiopia Data Protection Laws
- Provide timely and quality security assurance reports and advice to the business when required even with very tight deadlines
- Do regular follow-ups with system custodians/owners to ensure any security risks identified are addressed within the agreed timelines
- Define Cyber Security metrics and report periodically on security compliance across all networks/systems
- Research on new threats/technologies/vulnerabilities/security design principles etc.
- Working knowledge of Virtualization & Microservices technologies e.g. VMware, Open shift, Kubernetes, Docker etc will be an added advantage
- Working knowledge and experience in DevSecOps technologies and practices i.e. Jenkins, Jira, Github, Gitlab etc will be an added advantage
Qualifications and Educational Requirements
- Degree in Information Security/Computer Forensics/Computer Science/Information Technology or other relevant Technical Degree
- Information security certifications e.g. CEH/CISSP/CISM/CISA/GIAC/CPTP/OSCP
- Advanced Networking certifications: CCNA/CCNP/CCSP/CCIE are also preferred
- Certifications in Microsoft Windows and Linux/Unix Operating Systems
- Demonstrate competency in the use and administration of ethical hacking tools e.g. KALI Linux, Metasploit, Nexpose, Nessus, Nmap, BurpSuite etc…
- Minimum of 3 years working experience in Information Systems Security – e.g. Ethical Hacking, Penetration Testing, Vulnerability Assessments, ICT Audits, Pre-and-Post Implementation System Reviews etc…
- Minimum of 3 years working experience in Networking and Operating Systems e.g. Cisco, Huawei, Windows (All), Unix, Linux etc
How to apply
If you feel that you are up to the challenge and possess the necessary qualifications and experience, kindly proceed to update your candidate profile on the career portal and then Click on the apply button. Remember to attach your resume.
The closing date for receiving applications is Sunday November 26, 2023.