IT Security Operations Centre Analyst (SOC)
Job expires on May 31, 2023
Are you looking for an employer who promotes individual excellence and mutual respect in a team-driven culture with a key focus on social empowerment? The Co-operative Bank of Kenya, “
The Kingdom bank” is the place for those looking to new horizons. If you can easily identify and assess threats, put plans in place for ‘if things go wrong’ and decide how to avoid, reduce, or transfer risks in an IT environment then this is the perfect career move for you.
Directly reporting to the Lead-SOC, the SOC Analyst will work collaboratively with other ICT Security functions, Technology and Enterprise Services, ICT Risk and Control, and Security Services teams to detect and respond to information security incidents, maintain, and follow procedures for security event alerting and participate in ICT related security investigations.
Specifically, the successful jobholder will be required to:
- Be part of a 24hr active Monitoring and analysis of the Bank’s networks for malicious activity using Security Incident and Event Management (SIEM) toolsets. This will include responding to and investigating alerts, assisting with developing new security monitoring use cases, and ensuring all investigative activity is properly documented in the bank’s ticketing systems and followed up with relevant support teams.
- Conduct proactive cyber threat research and analysis. Monitoring open-source intelligence sources for potential threats against the Bank, and ensure appropriate defensive actions are taken with respect to these.
- Triage and investigate alerts generated from various security monitoring solutions and SIEM; indicators of compromise (IOCs like file hashes, IP addresses, domains, etc.) and escalate them to the ICT respective units and ensure that appropriate follow-up actions are taken to mitigate the exposure.
- Document all activities during an incident and providing leadership with status updates during the life cycle of the incident.
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the corrective or mitigation actions and escalation paths for each incident.
- Independently follow procedures to contain, analyze, and eradicate malicious activity.
- Be available, on-call, to rapidly troubleshoot any problems resulting from infrastructure changes, security breaches, or other unplanned/unforeseen circumstances.
- Assist the ICT Security team in developing and maintaining SoC documentation and processes.
- Form part of the Bank’s Security Incident Response team, assisting with whatever activities are deemed necessary by the incident leader.
- Submit period and ad-hoc reports as required by HOD
Skills, Competencies and Experience
The successful candidate will be required to have the following skills and competencies:
- Bachelor’s degree in Information technology, computer science or any related field.
- CISSP CISA/CISM/CEH/Certified SOC analyst (CSA)/Security+/Network+/CCNA/SSCP or other related certifications.
- 1+ years’ experience as a Security/Network Administrator or equivalent knowledge.
- Technical knowledge of database, network, and operating systems security.
- Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge and experience using one or more tools related to SIEM, intrusion detection and prevention systems, network security managers, firewalls and end point logging.
- Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
- Strong written communication skills in report writing for incident reporting.
- Knowledge of specific tools and languages such as Wireshark, PowerShell, Python and SQL knowledge highly desirable.
How to apply
If you are confident that you fit the role and person profile and you are keen to add value to your career then please forward your application enclosing detailed Curriculum Vitae to [email protected] indicating the job reference number SOC/IID/2023 before the close of business 31st May 2023.
We are an equal opportunity employer