Job Purpose

The Cyber Security Operations Center CSOC team is responsible for managing and enhancing the Bank's cybersecurity posture by monitoring, detecting, analyzing, and responding to cybersecurity threats in real-time. The CSOC play a critical role in protecting digital assets and ensuring business continuity by proactively identifying and mitigating potential cybersecurity risks. They are the primary contact for any suspected incidents and working together with remediation teams to resolve incidents and remediate cybersecurity threats to the Central Bank of Kenya.
Reporting to the Senior Manager, Cyber Security Operations, the successful candidate will work on shift to provide 24x7 eyes-on-glass service at the CSOC, performing real-time monitoring, identification, analysis, investigation, containment, and response or escalation of security incidents.

Key Duties and Responsibilities

Strategic Responsibilities

• Contribute as appropriate to the performance of the function and the overall achievement of the Bank’s strategic objectives.

Technical and Operational Responsibilities

• Perform 24*7 real-time monitoring of security alerts generated by various security solutions deployed by the Bank.
• Threat Analysis: Analyzing security alerts and events to determine their legitimacy and severity.
• Analyze and assess security alerts and escalate to Level 2/3 analysts for further investigations and communication.
• Investigating and responding to security incidents, including malware infections, data breaches, and insider threats.
• Documenting security incidents, creating detailed reports, and communicating findings to relevant stakeholders.
• Threat Intelligence: Staying up to date on the latest cybersecurity threats, vulnerabilities, and attack techniques.
• Collaborating with other security teams and sections to coordinate security efforts.
• Improvement: Contributing to security improvements by tuning security tools, recommending policy changes, and implementing new security controls.

Qualifications

• Bachelor’s degree in Electrical Engineering/ Computer Science/ Information Technology or related technical field.
• Certifications in the following will be an added advantage.
  • CCNA, CEH, CISA, CISM, or any other information security-related course
  • Networking certifications: CCNA/CCNP/CCSP/CCIE or any equivalent
  • Microsoft Windows, and Linux/Unix Operating Systems

Work Experience

• At least 2 years of experience in IT User Support, Microsoft Windows, Linux/Unix Operating Systems, IT Networks, and network protocols such as TCP/IP, Syslog, DNS, NetFlow, etc.
• Knowledge in the following areas will be necessary.
  • Information Security technologies such as SIEM/IPS/Firewalls/, Content Filters, Security Scanning tools, Antivirus, Encryption, etc.
  • Programming shell, Python scripting, etc., and web technologies such as HTML, JavaScript, PHP, etc.
  • Security vulnerability assessment, minimum security baseline standards.