Senior Systems Security Analyst
Job Ref: HR:
KP1/5B.2/1/3/1226
Reporting to the Principal
Security Analyst, the Senior Systems Security Analyst will be responsible for
Implementing, reviewing and aligning ICT Systems, Databases and Business
Applications Acquisition and Development Policies, Procedures and Practice to
ensure that they comply with IT industry standards to fully secure the
organization’s Data and Information.
Key Tasks & Duties
Assist
in planning for short and long-term resources requirements for the section.
Work
with database administrators, systems developers and application owners to
review and implement security controls to mitigate system security
threats/risks throughout the system/program life cycle.
Review procedures and processes to identify security control gaps in systems development, acquisition and maintenance to ensure that threats are properly identified, analyzed and mitigated.
Participate
in investigations on computer security compromises, incidents, or problems and
recommend corrective actions.
Review
application, system and database logs and audit trails to identify violation to
procedures and processes.
Research
on emerging threats and vulnerabilities in information security to gain
awareness of the latest information security technologies and developments.
Review
version, patch management procedures and practices in all systems, and where
necessary develop and implement measures to improve the same.
Implement
procedures to automate and enhance monitoring of business applications,
databases and systems, including user and process activities.
Identify
and develop security and productivity-enhancing improvements and innovation.
Coordinate
security measures for information systems to regulate access to system data and
information to prevent unauthorized modification, destruction, or disclosure of
information.
Train
users and promote security awareness to ensure system security and to improve
server and network efficiency.
Consult
with users on data and information access and processing needs, to mitigate
against security violations, and programming changes.
Recommend
modification or update audit monitoring systems and solutions to incorporate
new applications, databases and systems, or change individual access status
Coordinate
execution of implementation plan of system changes/upgrade between IT, user
departments and outside vendors to alleviate security violations
Perform
risk assessments to identify violation or vulnerabilities to procedures and
execute tests on applications to ensure that data availability, confidentiality
and integrity is maintained and as well guarantee compliance to standards and
process activities and advise/recommend corrective action.
Maintain
access management reports and processes to identify access events, exceptions,
or trends which require investigation, remediation, or mitigation
Contribute
to the information security planning, assessments, risk analysis, risk
management, certification and awareness activities for system operations.
Job Specifications:
Bachelor
of Science degree in Computer Science, Information Technology, Electrical &
Electronics Engineering or related field.
Certified
Information Security Auditor (CISA) and/or Certified Information Security
Manager (CISM) certification for Analyst IV and III respectively will be an
added advantage.
Six
(6) years’ experience in a similar role and organization.
Work Experience
Experience
in System vulnerability checks and threats analysis including penetration
testing.
Proficiency
in computer applications as in Serve Systems administration, Database Servers,
Programming and Systems analysis.
Understanding
best practices in systems security and controls.
Good
Project Management skills.
How To Apply
Interested persons should
submit their applications online through
visiting Kenya Power website on http://www.kplc.co.ke. Attach detailed Curriculum Vitae, copies
of Academic and Professional Certificates and other testimonials. Please note
that we may use this information to conduct background verification during the
recruitment process. Quote the title of the position you are applying for and
include your mobile telephone contact, email addresses to be received not later
than Wednesday,1st November 2023. .
Only candidates offered
employment shall be expected to present the following clearance certificates;
Valid
Certificate of Good Conduct from the Directorate of Criminal Investigations
Valid
Clearance Certificate from Higher Education Loans Board (HELB)
Valid
Tax Compliance Certificate from Kenya Revenue Authority (KRA);
Current
Clearance from the Ethics and Anti-Corruption Commission (EACC);
Current
Report from an approved Credit Reference Bureau (CRB)
