Principal Engineer, Cyber Security Operations at NCBA Group

JOB PURPOSE STATEMENT

The Principal Engineer, Cyber Security Operations will be responsible for day-to-day running of security programs such as Patch and Vulnerability Management, Incident Response and Security Monitoring. The role will work with NCBA Group Cyber team to manage support SLAs. They will also be responsible for managing and closure of Technology audit issues in Digital Business and maintaining an up to date asset register.

The role will lead and coordinate all cyber security operation activities in 5 markets (Kenya, Tanzania, Rwanda, Ghana and Ivory Coast) in collaboration with NCBA group Cyber team.

KEY ACCOUNTABILITIES (DUTIES AND RESPONSIBILITIES)

• Patch and Vulnerability Management (25%): Maintain a robust PVMG process by working with system and application custodians to ensure Vulnerabilities are closed within SLA.
• Audit (35%): Track all audit issues within Technology and ensure they are closed within the agreed timelines.
• Security Monitoring (25%): Onboard all Digital Business assets to SIEM and perform SOC L2 role for NCBA Digital Business systems.
• Leadership (15%): Manage and coordinate cyber operation initiatives and ensure support SLAs are compliant. Define and report on key cyber operations metrics to senior management to measure return of investment in Cyber and Cyber risk management.

Main Activities

• Perform regular Vulnerability assessment and Compliance hardening reviews on all NCBA Digital Business assets.
• Serve as the primary point of contact & escalation point for Security Administration tasks.
• Onboard all Digital Business systems to SIEM for monitoring by L1 teams.
• Perform SOC L2 role and investigate, close and report all cyber incidents affecting Digital Business Systems.
• Coordinate and track closure of all audit issues within Technology.
• Maintain an updated asset register for all servers and applications.
• Undertake follow ups with system custodians to ensure identified risks are addressed within the agreed timelines.
• Continuously review and improve cyber processes to ensure efficient support to the agile process of software development.
• Work with Group Cyber to ensure that controls are well fine-tuned to protect NCBA Digital assets.

JOB SPECIFICATIONS

Academic:

• A Bachelor’s degree in Computer Science, Information Technology or related field.
• Information security certifications e.g. CEH/CISSP/CISM/CISA/GIAC/CPTP/OSCP

Desired work experience:

• Minimum of 5 years in Cyber Security systems administration e.g. Intrusion Prevention Systems, Web Application Firewalls, Remote access, Content Filters, endpoint protection, vulnerability management solutions etc.
• Minimum of 2 years’ working experience in Networking and Operating Systems e.g. Cisco, Huawei, Windows (All) and Linux.
• Experience in leading teams of security analysts will be an added advantage.

JOB COMPETENCIES

Technical Competencies

• Hands on experience in software development with major languages Java, C++, C# and practical experience using relation RDBMS e.g. Oracle and MS SQL etc.
• Working knowledge of Cloud technologies in at least one of the following: AWS, Azure, Google and Huawei.
• Excellent analytical, problem solving and reporting skills
• A good knowledge of the systems and processes within Financial Services industry.
• Knowledge and experience in modern practices for Cyber security, Application Development and Agile Project management in medium to large Financial Institutions.
• Technical skills to effectively perform security testing activities/tasks across various technologies in a manner that consistently produce high quality of results.
• Knowledge and effective application of all relevant banking policies, processes, procedures and guidelines to consistently achieve required compliance standards or benchmarks.
• Self-empowerment to enable development of open communication, teamwork and trust that are needed to support performance and customer-service oriented culture.

Behavioural Competencies

• Relate easily and naturally with executives, business managers, technical teams and customers. Has excellent listening skills and understands the desires and challenges of all our leaders and customers.
• Ability to form trusted relationships with technical teams and customers
• Possess broad knowledge of business and has an interest in market trends. Have intricate knowledge of our business: its vision, mission, strategy, values and how it operates.
• Clearly communicate and share the planned cyber initiatives, reports, and risks with executives, business leaders, and stakeholders across the organization - in a manner that leaves them all touched, moved and inspired.
• Passionate about innovation. Loves technology and possesses both a deep and broad understanding of the technology market and cutting-edge technology and Cyber trends.
• Continuously listening to our stakeholder’s feedback and coming up with new architectures and enhancing existing ones to leverage these cutting-edge technologies.
• Self-motivated and self-managing.
• Their work has had a material impact in attracting new customers, delighting existing customers, increasing our market share and enhancing our organizations efficiency and profits.
• Delivery model is organized around delighting our customers, increasing our profitability, and increasing the businesses efficiency.