Terms of Service: Permanent & Pensionable upon successful completion of six(6) months probationary period

Remuneration:     As per KRA salary structure

Job Highlights

The role of Assistant Manager - Cyber Security Operations Center reports to Manager – Cyber Security Operations Centre (SOC).

Job Purpose

The job holder shall be responsible for day to day operation of 24/7 cyber Security Operations Centre (SOC), analysis of threat intelligence from various internal and external sources, managing security incidents such as detection, analysis, response, and recovery, monitoring and analysis of potential and active threats targeting all KRA systems and IT infrastructure.

Duties and responsibilities

• Develop, review, record, monitor and report performance on key productivity indicators for incidents & security monitoring function.
• Coordinate identification, investigation of cyber-attacks targeted to the Authority’s networks and recommend suitable solutions to further secure company digital assets.
• Ensure that adequate security logs are captured and optimized across Organization's systems; perform deep-dive incident analysis by correlating data from various internal and external log sources for enhanced detection of cyber-attacks
• Enhance Information security through operationalization of 24/7 cyber security monitoring and surveillance within KRA's IT infrastructure to detect and deter cyber-attacks.
• Review cyber security data sets & reports received from the National Cyber Incident Response Team and other external sources. Collect threat intelligence from various sources (deep web/dark web, vendor security alerts, adversary behaviors, active incidents, national and international events, etc.), analyze associated threats and risks for recommendation of appropriate mitigating measures.
• Coordinate cyber threat hunting and content engineering activities in the Security Operation Center.
• Develops the unit Annual Work Plan, draft unit annual budgets and ensure prudent utilization of allocated funds.
• Prepares unit monthly, quarterly, annual and ad hoc reports;
• Develop, mentor and coach staff and manage performance of the staff
• Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.

Person specificationsk

For appointment to this job, the candidate must have:

• Bachelor’s Degree in any of the following disciplines: - Computer Science, Information Communication Technology, Business Information Technology or relevant and equivalent qualification from a recognized Institution
• Four (4) years relevant work experience, one (1) of which must be at Supervisory level.
• Management Course lasting not less than four (4) weeks from a recognized institution, will be an added advantage.
• Working experience in security tools such as python, firewalls, IPS, SIEM, SOAR, SQL, LINUX, databases etc.

Professional Qualifications / Membership to professional bodies

Any of the following professional certifications:

• CEH, CISSP, ECIH, CFHI, CISM, CISA, MCSE, CCNA,
• Certification in relevant security tools

Membership to a professional body with a valid practicing certificate/license

Key Competencies

• Innovative thinking
• Organizational skills
• Resilience and Adaptability
• Critical Thinking and Problem-Solving
• Customer-Centrism Approach
• Professionalism, Ethical Judgment and Integrity