Latest Recruitment at Britam

Job Purpose:

To Develop and enhance security solutions to protect Britam's information systems, ensuring the security, integrity, and availability of critical data and systems. The ideal candidate will have a thirst for knowledge, a passion for cybersecurity, and system development and a strong desire to learn and grow in a fast-paced environment.

Key Responsibilities:

• Designing security software solutions: your primary role as a security developer is creating and developing security tools.
• To analyze security threats in an organization and develop solutions for the problem. The solutions could be implementing an existing application or creating a solution from scratch.
• Developing new software involves designing and building a prototype for the software.
• Perform ongoing security testing and code review to improve software security.
• Implement, test and operate advanced software security techniques in compliance with technical reference architecture.
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities.
• Consult team members on secure coding practices.
• Develop a familiarity with new tools and best practices.
• Maintain technical documentation.
• Develop and maintain API's.
• Design, develop, and implement security solutions and tools.
• Collaborate with SOC analysts and architects to identify security requirements and develop appropriate security measures.
• Conduct code reviews and security assessments to identify and mitigate vulnerabilities in software and systems.
• Develop and maintain security policies, procedures, and documentation. 
• Implement automation scripts and tools to streamline SOC operations and incident response. 
• Stay up-to-date with the latest security threats, technologies, and best practices, and apply this knowledge to improve security solutions. 
• Provide technical support and guidance to other team members and departments regarding security best practices and implementations. 
• Delegated Authority: As per the approved Delegated Authority Matrix. 
• Perform any other duties as may be assigned from time to time.

Knowledge, experience, and qualifications required:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Proven work experience as a software security engineer 2-3 years' experience in IT or an IT-related role, prior experience or internship in a cybersecurity-related role is a plus but not required.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication and collaboration skills with the ability to work effectively in a team environment.
• Demonstrated ability to learn quickly and adapt to new technologies and concepts.
• Detailed technical knowledge of techniques, standards and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation.
• Strong understanding of cybersecurity principles, threats, and vulnerabilities.
• Familiarity with secure software development practices and tools.
• Knowledge of network security, encryption, and authentication methods.
• Experience with security tools and technologies (e.g., SIEM, firewalls, IDS/IPS).
• Experience with scripting and automation (e.g., Python, PowerShell).
• Ability to identify and mitigate security vulnerabilities in code and systems.
• Strong knowledge of operating systems, network protocols, and security architectures.
• Strong communication skills to effectively collaborate with other SOC members and departments.

go to method of application »

Job Purpose:

• To Monitor and analyze security incidents, identify and mitigate threats, and ensure the security of Britam's information systems. 
  We are seeking a highly skilled and motivated SOC Analyst to join our dynamic Security Operations Center (SOC) team. 
• The ideal candidate will have a strong background in cybersecurity, with expertise in threat intelligence, threat detection, incident response, and security operations. In addition to technical proficiency, the candidate should possess excellent communication skills and the ability to mentor junior SOC analysts.
• Experience with automation tools and artificial intelligence (AI) is highly desirable. 

Key Responsibilities:

• Monitor and analyze security alerts and incidents generated by various security tools and technologies, including SIEM, IDS/IPS, endpoint detection and response (EDR), and network traffic analysis tools. 
• Investigate security incidents, including analyzing logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine the scope and impact of the incident.
• Conduct in-depth analysis of security events and incidents to identify root causes, indicators of compromise (IOCs), and attack vectors. 
• Develop and maintain SOC playbooks, procedures, and workflows to streamline incident response processes and improve efficiency.
• Mentor and train junior SOC analysts on security best practices, incident response procedures, and technical skills. 
• Collaborate with cross-functional teams, including IT, network operations, and application development, to address security vulnerabilities and improve overall security posture. 
• Evaluate and implement security technologies, tools, and solutions to enhance SOC capabilities and effectiveness. 
• Leverage automation tools and AI-driven analytics to optimize threat detection, response, and remediation processes. 
• Participate in security awareness training programs for employees and guide cybersecurity best practices. 
• Develop and participate in tabletop exercises, incident response drills, and simulations to test and improve incident response procedures and preparedness.
• Stay current with emerging threats, vulnerabilities, and security technologies through continuous learning and professional development.
• Gather and analyze threat intelligence to identify emerging threats and vulnerabilities, monitor external sources for threat indicators and assess there relevance to organizational security and develop and maintain threat intelligence reports.
• Collaborate with IT and other departments to ensure security best practices are followed.
• Delegated Authority:  As per the approved Delegated Authority Matrix.

Key Performance Measures:

• As described in your Personal Score Card.

Knowledge, experience, and qualifications required:

• Bachelor’s degree in computer science, Information Security, or a related field. 
• Certifications (e.g., GIAC, CEH, PNPT, CompTIA Security+) is a plus. 
• Minimum of 3-4 years of experience in cybersecurity, with at least 2 years of experience in a SOC role. 
• Strong understanding of cybersecurity principles, threat intelligence, and attack methodologies. 
• Experience with security technologies such as SIEM, IDS/IPS, EDR, firewalls, and endpoint security solutions.
• Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash. 
• Familiarity with artificial intelligence (AI) and machine learning (ML) concepts and their application to cybersecurity. 
• Excellent analytical skills with the ability to analyze and interpret complex security data sets. 
• Effective communication skills with the ability to convey technical concepts to both technical and non-technical audiences. 
• Strong leadership and mentoring abilities with a desire to help develop junior talent within the SOC team. 
• Knowledge of regulatory requirements and compliance frameworks relevant to the financial services industry (e.g., PCI DSS, GLBA.)
• Ability to analyze and interpret security logs and data.
• Understanding of network protocols and security technologies.
• Strong problem-solving and analytical skills.

go to method of application »

Job Purpose: 

The Cyber Security Analyst will play a key role in supporting the Cyber Security Specialist in mitigating cybersecurity risks and enhancing the security posture of Britam. The role holder will be responsible for red team operations, penetration testing, social engineering and responding to security incidents and threats, providing technical expertise to manage current exposures and assisting in the assessment of potential new threats. The ideal candidate will play a critical role in assessing and improving our organization's security posture through simulated attacks and penetration testing. This role requires deep technical knowledge, analytical skills, and the ability to emulate sophisticated threat actors.

Key Responsibilities:

Red Team Operations:

• Plan, coordinate, and execute red team operations to assess the organization's security defenses and resilience against advanced cyber threats.
• Simulate real-world attack scenarios to identify vulnerabilities and weaknesses in systems, networks, and applications.

Penetration Testing:

• Conduct thorough penetration tests and vulnerability assessments using manual techniques and automated tools.
• Identify and exploit security vulnerabilities across various attack surfaces, including web applications, mobile applications, network infrastructure, and wireless networks.

Social Engineering:

• Perform social engineering assessments, including phishing simulations and physical security assessments, to test employee awareness and response.
• Evaluate the effectiveness of security awareness training and policies.

Reporting and Documentation: 

• Prepare detailed penetration test reports documenting findings, vulnerabilities, exploitation techniques, and recommended remediation measures. 
• Present findings to technical and non-technical stakeholders, including senior management. 

Collaboration and Leadership: 

• Collaborate with cross-functional teams, including blue teams, incident response teams, and IT operations, to address and remediate identified vulnerabilities. 
• Provide technical guidance and mentorship to junior team members.

Research and Development: 

• Stay updated with the latest security threats, vulnerabilities, and exploitation techniques. 
• Conduct research and development to enhance penetration testing methodologies and tools. 

Continuous Improvement: 

• Participate in security awareness training programs and tabletop exercises to improve incident response capabilities and organizational preparedness. 
• Delegated Authority: As per the approved Delegated Authority Matrix. 
• Perform any other duties as may be assigned from time to time.

Knowledge, experience, and qualifications required:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Certifications such as PNPT, OSCP, OSWE, GPEN, CEH, or related certifications are highly preferred.
• Minimum of 2-3 years of experience in cybersecurity, with a focus on penetration testing and red team operations.
• Strong understanding of cybersecurity principles, attack methodologies, and defense-in-depth strategies.
• Proficiency in using penetration testing tools and frameworks, such as Metasploit, Burp Suite, Nmap, etc.
• Experience with network and application security assessments, including web application testing, mobile application testing, and network penetration testing.
• Ability to analyze and interpret complex security data sets and provide actionable recommendations.
• Excellent communication skills, both verbal and written, with the ability to convey technical concepts to diverse audiences.
• Leadership abilities with experience in leading red team engagements and collaborating effectively in a team-oriented environment.
• Strong ethical hacking principles and commitment to maintaining professional conduct.
• Automation and Scripting: Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash is an added advantage.
• Regulatory Knowledge: Familiarity with regulatory requirements and compliance frameworks (e.g., PCI DSS, GDPR) is an added advantage.