JOB DESCRIPTIONReporting to the Senior Manager, Cyber Strategy & Design, the role holder is responsible for defining, analyzing and periodically reviewing the cyber security strategy and roadmap based on the ever-evolving threat landscape and ensure risks identified are adequately mitigated. He/she will also architect and design cyber security systems in line with best practices to ensure they meet all requirements including adequate security, capacity and performanceRESPONSIBILITIESDefine, analyze and periodically review the cyber security strategy and roadmap based on the evolving threat landscape and ensure risks identified are mitigatedArchitect and design cyber security systems in line with best practices to ensure they meet user requirements including adequate security, capacity and performance.Define cyber security requirements and acceptance criteria for new systemsDraft and evaluate RFIs/RFPsLiaise with Supply Chain in the procurement processDo the technical evaluations and PoCs (Ops team should also be involved in this)Select the best solution and present to the investment governance boardEnsure all vendors have up-to-date contracts (contract management)Implement, Test, Deploy and Commission new systems Ensure proper change management and system handover processes are followedRecommend major upgrades where required and liaise with the operations team when doing the upgrades especially if it affects the design/architecture of the systemEnsure all security technology and processes implemented are continually improved to maximize on their returns/benefitsManage all aspects of projects and vendor related issues in line with best practicesDefine metrics and report periodically that clearly demonstrate return on security investment (ROSI)Conduct research and development on new areas in security and present on them for sensitization and knowledge transfer to other team members/staff Ensure all security systems implemented have high availability and disaster recovery in accordance with best practicesQUALIFICATIONSDegree in Information Security/Computer Science/Information Technology or other relevant Technical DegreeInformation security certifications e.g. CISSP/CISM/CISA/CCSP/GSECAdvanced Networking certifications e.g. Cisco/Fortinet/Checkpoint/Huawei Certifications in Microsoft Windows and Linux/Unix Operating Systems e.g. Redhat, LPI, Comptia+ Demonstrate competency in the implementation and administration of various security tools e.g. Firewalls, Intrusion Prevention systems, Web application firewalls, Anti-DDOS, Antivirus, DLP etc…Minimum of 4 years' experience in implementing and administering Cyber Security tools – e.g. Firewalls, Intrusion Prevent Systems, Web Application Firewalls, Content Filters, Endpoint protection, Data Leakage Prevention etc…Minimum of 4 years' experience in IT Networks e.g. Cisco, Fortinet, Checkpoint, Huawei etc…Minimum of 4 years' experience with various Operating Systems e.g. Windows, Linux, Unix etc…Working knowledge of web technologies e.g. cPanel, Apache, PHP, Joomla, Wordpress and ASP will be an added advantageWorking knowledge of databases e.g. Oracle, MSSQL, MySQL, Postgress SQL will be an added advantageWorking knowledge of Virtualization Technologies e.g. VMWare, Openshift, Open Stack will be an added advantageWorking knowledge and experience in DevOps and Microservices technologies i.e. Docker, Kubernetes, Jenkins, Gitlab/Github etc… will be an added advantageWorking knowledge of Mobile and GSM technologies e.g. Android, IOS, 2G, 3G, LTE, USSD etc… will be an added advantageWorking knowledge of encryption technologies e.g. PKI, HSM, PGP will be an added advantageExcellent communication skills and great team playerExcellent project and time management skills (getting things done in a timely manner) Excellent report writing and presentation skillsVery analytical and logical thinkerSelf-driven with minimal supervision
