Job Title: Information Security Analyst
Job ID: req53294
Location: Nairobi, Nairobi Municipality, Kenya
Category: Operations & Administration Support
Employee Category: Regular
Job Type: Full Time
Work Arrangement: Open to Remote
Open To Expatriates: No
Currency: Kenyan Shilling
Compensation: Monthly
Organization Overview:
The International Rescue Committee (IRC) is a leading international humanitarian organization dedicated to responding to the world’s most challenging crises. Founded in 1933, IRC operates in over 50 countries and more than 25 U.S. cities, working to restore health, safety, education, and economic well-being to those affected by conflict and disaster. With a mission to deliver lasting impact, IRC is committed to safety, dignity, and hope for millions worldwide.
Job Overview/Summary:
The IRC is seeking a highly skilled Information Security Analyst to join our Security Operations (SecOps) team. This operational role focuses on monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow, Qualys, and ZeroFox.
Major Responsibilities:
- Cyber Incident Response and IT Security:
- Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
- Investigate security events escalated from the service desk or managed security service providers (MSSP), determine the root cause, and implement corrective actions.
- Run regular vulnerability scans using tools such as Qualys and collaborate with teams to remediate identified vulnerabilities.
- Train the service desk on SecOps processes and procedures for effective initial triage of security events.
- Compile and report on operational metrics to provide insights into the security posture and effectiveness of security controls.
- Utilize SIEM systems for advanced threat detection, IT service management (ITSM) platforms for ticket management, and social media threat monitoring tools.
- Stay updated with the latest IT security trends and technologies to protect information assets.
- Develop and implement security plans, conduct simulated cyber-attacks, and address vulnerabilities.
- Provide recommendations for security advancements and help train junior colleagues in information security.
Key Working Relationships:
- Position Reports to: Manager – Security Operations
- Indirect Reporting: Director, Security Operations and Engineering Team
- Internal Contacts: IT staff across regions, HQ and Nairobi iHub, Safety and Security Team
Job Requirements:
- Education: Bachelor’s degree or equivalent professional experience in Computer Information Systems, Management Information Systems, Computer Science, or a related field.
- Work Experience: Minimum 2 years in IT security operations, with at least 1 year in a global organization.
- Skills and Competencies:
- Strong knowledge of SIEM systems, ITSM ticketing systems, and vulnerability management tools.
- Ability to analyze complex security issues and provide actionable recommendations.
- Excellent verbal and written communication skills for training and reporting.
- Relevant certifications such as CEH or CompTIA Security+ are a plus.
- Previous operational information security experience is highly desirable.
- Language Skills: English required; French and Arabic are a plus.
- Certifications/Licenses: Security+, or other security-related certifications, and must possess or be actively working towards AZ500 Microsoft Azure Security Technologies.
Working Environment:
- Hybrid: Includes remote and standard office work environment.
- Travel: N/A
Equal Opportunity Employer:
IRC is an Equal Opportunity Employer and considers all applicants based on merit without regard to race, sex, color, national origin, religion, sexual orientation, age, marital status, veteran status, disability, or any other characteristic protected by applicable laws. Women, minorities, people living with disabilities, and local applicants are encouraged to apply.
IRC adheres to values and principles outlined in the IRC Way – Standards for Professional Conduct: Integrity, Service, and Accountability. We enforce policies on Beneficiary Protection from Exploitation and Abuse, Child Safeguarding, Anti-Workplace Harassment, Fiscal Integrity, and Anti-Retaliation.
Commitment to Gender, Equality, Diversity, and Inclusion:
IRC is dedicated to creating a diverse, inclusive, respectful, and safe work environment where all individuals are treated fairly with dignity and respect. We strive to increase representation from local communities, under-represented races, and ethnicities in global power structures.