Position Title:
|
IT Security Analyst I/II – Compliance Analyst
|
Application Deadline Date:
|
15 Feb 2014
|
Position Location:
|
Nairobi; Seattle WA, USA; KL, Malyasia; or other
|
Position Start Date
|
17 Mar 2014
|
Region:
|
Africa\East Africa
|
Position End Date:
|
|
Requisition Category:
|
International
|
Recruitment Priority:
|
Need Immediately
|
Country Name:
|
Kenya
|
Program/Office Name:
|
GICT
|
City/Province:
|
Nairobi; Seattle WA, USA; KL, Malyasia; or other
|
Employee Type:
|
Regular Full-time
|
Job Grade Level:
|
14/15
|
Recruitment Status:
|
Actively Recruiting
|
Is this a family post?
|
Family - Spouse with Children
|
|
|
|
|
Requisition Num:
|
2013AFERBRE-9CZPSH
|
*PREFERRED LOCATIONS: NAIROBI, KENYA; SEATTLE, WA, USA; AND MALAYSIA*
PURPOSE OF POSITION:
This position involves the monitoring and targeting mandated regulatory compliance (i.e. PCI), but also compliance with internal audit controls and Partnership-wide security principles, policies, standards, procedures, and minimum security baselines. Individuals who perform work as an IT Security Analyst I/II are also responsible for working on security projects/issues for a functional area (e.g., data, systems, network and/or Web). They provide input and recommendations to address security issues that impact other functional areas. They provide technical support to project teams to ensure the company’s infrastructure and information assets are protected.
KEY RESPONSIBILITIES:
Policies, Procedures & Standards:
- Proposes
improvements and assists in the implementation of enterprise-wide security
policies, procedures and standards.
- Monitors
compliance with security policies, standards, guidelines and procedures.
- Ensures
security compliance with legal and regulatory standards.
Security Support: - Provides
security support to ensure that security issues are addressed throughout
the project life cycle.
- Provides
responsive support for problems found during normal working hours as well
as outside normal working hours.
- Resolves
problems and assists with security incident handling.
- Responds
to security incidents and assists in forensic investigations.
- Works
with teams to resolve issues that are uncovered by various internal and
3rd party monitoring tools.
Security Audits: - Assists
in security audits.
- Inspects
security logs to uncover possible security violations (e.g., break-ins,
unauthorised activity).
- Checks
existing accounts and data access permission requests against documented
authorizations.
Risk Assessments: - Assists
in business impact analysis to ensure resources are adequately protected
with proper security measures.
- Follows
up on deficiencies identified in monitoring reviews, self-assessments,
automated assessments, and internal and external audits to ensure that
appropriate remediation measures have been taken.
- Runs
security analysis reports using commercial tools or custom scripts and
documents gaps.
Information/Data Security: - Checks
existing accounts and data access permission requests against documented
authorizations.
- Develops
and delivers security awareness programs.
KNOWLEDGE, SKILLS & ABILITIES:
Required:
- Bachelor’s
Degree in Computer Science, Information Systems or other related field, or
equivalent work experience.
- Typically
requires 1 - 3 years of IT work experience, preferably in a
compliance-related role.
- Willingness
and ability to travel domestically and internationally, as necessary.
0 comments:
Post a Comment