[New job in kenya] Aga Khan University Information Security Analyst (2018)

Vacancy: Information Security – Analyst

The Aga Khan University (AKU) is a private, not for profit, International University first established in 1983, with 11 teaching sites in eight countries.

The Medical College in East Africa ¡s part of a visionary plan to create a comprehensive university in East Africa with a health sciences regional hub in Nairobi and campuses in Dar es Salaam and Kampala.

The Analyst – Information Security will work with the IT teams in assessing and implementation of IT security within the university.

Key Responsibilities

• Perform technology and information security risk assessments.
• Perform IS policy and procedures gap assessments against information security, regulatory requirements and
  governance standards. For example lSO27001:2013, COBIT, PCI-DSS etc.
• Liaise with IT and internal/external audit teams during information systems audit. Work as a central point of contact from IT to ensure appropriate flow of information to audit team with any delay.
• Work with IT team for successful closure of the audit observations
• Perform internal assessments and identify gaps in current documentation and operations.
• Assist in organizing information security trainings and campaigns for AKU staff.
• Ensure implementation of Security Incident and Threat Response process.
• Educate IT and business users and ensure all critical information assets are classified properly.
• Conduct routine security reviews of networks, infrastructure, identify gaps, report issues to concerned units and management and tracking for timely closure.
• Review audit logs of servers, network equipment and firewalls on a monthly basis.
• Review SIEM logs on a daily basis to detect and identify cyber-attacks. Monitor for security breaches and investigate a violation when one occurs. Assess and respond to network security events and alerts identified through SIEM.
• Coordinate with IT and business on security concerns for network, infrastructure and various projects.
• Assist in remediation efforts related to security incidents, vulnerability assessments and penetration tests.
• Ensure that appropriate measures have been taken to protect all AKU digital information assets from all kind of malicious software. For example, malware, viruses, worms, Trojans, etc.
• Review configurations of network devices: Firewalls, Intrusion Detection Systems, Intrusion Protection Systems, network switches, network routers, VPN implementations for security perspective.
• Implement data encryption policy and procedure to ensure all confidential information is encrypted while in transit or at rest.
• Any other task or project assigned by line manager.

Qualification & Experience

• Bachelor’s degree or equivalent in Computer Science, Computer Engineering, Information Security or related field. Advance degree highly preferred.
• At least five (5) years of hands-on experience in Information Security risk assessments, policies and procedures, regulatory compliance, etc.
• Network and security certifications such as CCNA, CCNP, CISM, CISA, CEH, MCSE, and CISSP etc. would be a plus.
• Knowledge of Information Security and IT standards including but not limited to ISO 27001, COBIT, HIPAA, NIST, ITIL etc.
• Experience in any Big 4 professional services firm would be a plus.

HOW TO APPLY

Please send your curriculum vitae; copies of academic qualifications; and copies of professional certificates to the Manager, Recruitment, Aga Khan University Hospital email address hr.recruitment@aku.edu not later than 1st February, 2018