|
Position Title:
|
IT Security Analyst I/II – Compliance Analyst
|
Application Deadline Date:
|
30 Dec 2013
|
|
Position Location:
|
Nairobi; Seattle WA, USA; KL, Malyasia; or other
|
Position Start Date
|
01 Feb 2014
|
|
Region:
|
Africa\East Africa
|
Position End Date:
|
31 Jan 2099
|
|
Requisition Category:
|
International
|
Recruitment Priority:
|
Need Immediately
|
|
Country Name:
|
Kenya
|
Program/Office Name:
|
GICT
|
|
City/Province:
|
Nairobi; Seattle WA, USA; KL, Malyasia; or other
|
Employee Type:
|
Regular Full-time
|
|
Job Grade Level:
|
14/15
|
Recruitment Status:
|
Actively Recruiting
|
|
Is this a family post?
|
Family - Spouse with Children
|
 |
|
|
|
|
Requisition Num:
|
2013AFERBRE-9CZPSH
|
*POSSIBLE LOCATIONS: NAIROBI, SEATTLE (WA), USA, MALAYSIA AND OTHERS*
PURPOSE OF POSITION:
This position involves the monitoring and targeting mandated regulatory compliance (i.e. PCI), but also compliance with internal audit controls and Partnership-wide security principles, policies, standards, procedures, and minimum security baselines. Individuals who perform work as an IT Security Analyst I/II are also responsible for working on security projects/issues for a functional area (e.g., data, systems, network and/or Web). They provide input and recommendations to address security issues that impact other functional areas. They provide technical support to project teams to ensure the company’s infrastructure and information assets are protected.
KEY RESPONSIBILITIES:
Policies, Procedures & Standards:
- Proposes improvements and assists in the implementation of enterprise-wide security policies, procedures and standards.
- Monitors compliance with security policies, standards, guidelines and procedures.
- Ensures
security compliance with legal and regulatory standards.
Security Support: - Provides security support to ensure that security issues are addressed throughout the project life cycle.
- Provides responsive support for problems found during normal working hours as well as outside normal working hours.
- Resolves problems and assists with security incident handling.
- Responds to security incidents and assists in forensic investigations.
- Works
with teams to resolve issues that are uncovered by various internal and
3rd party monitoring tools.
Security Audits: - Assists in security audits.
- Inspects security logs to uncover possible security violations (e.g., break-ins, unauthorised activity).
- Checks
existing accounts and data access permission requests against documented
authorizations.
Risk Assessments: - Assists in business impact analysis to ensure resources are adequately protected with proper security measures.
- Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Runs
security analysis reports using commercial tools or custom scripts and
documents gaps.
Information/Data Security: - Checks existing accounts and data access permission requests against documented authorizations.
- Develops and delivers security awareness programs.
KNOWLEDGE, SKILLS & ABILITIES:
Required:
- Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
- Typically requires 1 - 3 years of IT work experience, preferably in a compliance-related role.
- Willingness and ability to travel domestically and internationally, as necessary.
