Job Title: Senior Information Security Analyst
Sector: Information Technology
Employment Category: Regular
Employment Type: Full-Time
Open to Expatriates: No
Location: Nairobi, IHUB, Kenya
Job Description
Background/IRC Summary: The International Rescue Committee (IRC) responds to the world’s worst humanitarian crises and helps people to survive and rebuild their lives. Founded in 1933 at the request of Albert Einstein, the IRC offers lifesaving care and life-changing assistance to refugees required to flee from war or disaster. At work today in over 40 countries and 22 U.S. cities, we restore safety, dignity, and hope to millions who are uprooted and struggling to endure. The IRC leads the way from harm to home.
The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 80 professionals primarily in the US & Nairobi and over 150 IT professionals in 40 countries supporting 15,000 staff globally.
Job Overview/Summary:
The Senior Information Security Analyst is a key member of the Global Information Security (GIS) team supporting cyber security and data privacy services, operations, communications, and awareness. Reporting to and supporting the Deputy Director of Security Operations (DD SecOps), this role strengthens IRC’s risk posture through the support of the multi-year Security Enhancement Program (SEP). This position serves as a backup to the Deputy Director SecOps and develops and aligns IT security controls with strategy and best practices, proactively and reactively assessing threats. The ideal candidate has a consistent record in both IT security technology implementation, operation and incident response.
Major Responsibilities:
Cyber Incident Response and IT Security and Privacy Support
- Strengthen security operations by leading the design and deployment of key technology security and privacy features. Lead organizational threat intelligence and incident response teams, and serve as primary author for IR playbooks and processes.
- Be responsible for and administer the Security Information and Event Management (SIEM) system, improving processes to ensure alerts are dispositioned according to standard process at all levels of support. Provide ongoing analysis and tuning of the SIEM and implement SIEM and EDR-related management processes, including incident response playbooks and procedures for current and emerging threats.
- Design and implement security and privacy health feedback metrics for multiple audiences. Use multiple sources, as necessary, to create and maintain metrics/measurements to articulate the current risk posture.
- Serve as primary custodian (administrative, operational, and technical system administrator) for key Sentinel, Zerofox, Mandiant, Azure Defender, M365 security and compliance, and other systems as specified. Provide technical direction and training to technical staff to correct high-priority vulnerabilities. Resolve problems through internal resources or consultation with vendor technical support staff.
- Provide input and advisory support to the MS Dynamics 365 security team.
- Actively support Managed Security Services Providers and other related risk management providers.
Change and Project Management
- Works with organizational change management specialists to update and strengthen communications.
- Coordinates with PMO and adheres to PMO project methodology.
- Completes projects on time and quickly develops and maintains relationships with the organization.
Key Working Relationships:
Position Reports to: Deputy Director – Security Operations
Position directly supervises: NA
Indirect Reporting:
Other
Internal and/or external contacts:
Internal: IT staff across regions, HQ and Nairobi iHub, Safety and Security Team, Integra
External: Industry/sector peers and vendors. Law enforcement if needed for incident response.
Job Requirements:
Education
Bachelor’s degree in an information systems-related field is required or 5 years of equivalent work experience. Advanced degree preferred.
Work Experience
Min 3-6 years in IT including at least 2 years in IT security operations, 2-5 years in a global organization.
Demonstrated Skills and Competencies
- Demonstrable experience leading and improving incident response for 8,000+ enterprises including establishing processes, standards, and runbooks.
- Validated, hands-on understanding of Azure and enterprise-class technologies including phishing simulators, email security (i.e. gateway, DMARC/SPF/DKIM, etc.), M365, DLP and SSO/SAML, etc. sufficient to engineer technical security controls and respond to incidents.
- Confirmed, hands-on experience optimizing cloud security systems such as MS Defender, Google Security Center, AWS (i.e. IAM, Macie, GuardDuty, CloudTrail, etc.), Meraki, CASB, Box or Salesforce Shield, etc.
- Experience with MS KQL, Python, and cyber frameworks (i.e. MITRE ATT&CK Framework, CIS, OWASP, etc.).
- Good interpersonal skills to help identify key relationships and to maintain them, and adequate oral and written communications skills for technical policy and standards development.
- Proven project management capabilities for deployment of IT security products and supporting communications skills needed to drive organizational change.
Language Skills: English required; French and Arabic a plus
Certificates or Licenses: GIAC, CISSP, ITIL, CISM or others, which support adequate ability to design, deploy and operate IT security solutions; must possess or be actively working towards AZ500 Microsoft Azure Security Technologies.
Working Environment: Standard office work environment; work location may be another IRC office.
Travel: Up to 5% /year
The IRC and IRC workers must adhere to the values and principles outlined in IRC Way – Standards for Professional Conduct. These are Integrity, Equality, Service, and Accountability. In accordance with these values, the IRC operates and carries out policies on Beneficiary Protection from Exploitation and Abuse, Child Safeguarding, Anti Workplace Harassment, Fiscal Integrity, and Anti-Retaliation.