The Security Operations Assistant at Stima Sacco is a vital role responsible for proactively monitoring the security posture of all information assets, ensuring compliance with established security standards, and managing cyber security incidents. The position requires working within a 24/7 Security Operations Center (SOC) environment, utilizing various technical security tools to detect, analyze, and respond to threats, thereby minimizing security breaches and protecting the organization's business information and transactions.
Key Responsibilities
- Security Monitoring and Alert Management: Proactively monitor and report on the security posture of all information assets as per Security Operations Center (SOC) procedures, utilizing technical tools such as SIEM, antimalware, Database Activity Monitoring Systems, Fraud Management Systems, etc.
- Real-Time Operations: Work in 24/7 shifts performing real-time monitoring of security alerts generated by the various security tools deployed by the SOC. Analyse and assess security alerts, and escalate them for further investigation and communication.
- Security Baseline Compliance: Periodically review systems within the Sacco to ensure that they are configured as per the established security baseline standards. Report any non-compliance with information security policies.
- Incident Response: Be involved in establishing mechanisms for information and cyber security incident response management, including monitoring, detecting, remediating, and fully investigating security breaches. Establish and treat the root cause(s) to minimize future occurrences, and perform impact analysis.
- Threat Intelligence: Perform threat intelligence research, including collection of global threat intelligence and intelligence on internal threats, and translate the analysis and recommendations into actions.
- Security Awareness: Offer support in cyber security awareness and training campaigns.
- Documentation and Research: Document and research security breaches and assess any damage caused.
- Professional Development: Keep abreast with emerging issues by attending educational workshops, seminars, conferences, and participating in professional societies.
- Partner Assessment: Assess external partners such as vendors’ and contractors’ procedures, processes, and security controls to ensure they adequately protect the organization’s business information and transactions.
- Collaboration: Work with user departments to ensure that information technology threats are properly identified, analysed, communicated and investigated, and that corrective actions are taken.
Qualifications
Technical Skills & Education:
- Bachelor’s degree in Information Technology, Computer Science, or any other related field.
- Relevant IT Security professional qualifications, such as CISA/CISM/CEH or other relevant security certifications.
- 3 years’ experience in Security/Network administration.
- Strong technical knowledge of database, network, and operating systems security.
- Knowledge of various security methodologies and processes.
- Knowledge of technical security solutions including SIEM, EDR, firewall, and intrusion detection systems.
- Knowledge of TCP/IP Protocols, network analysis, network protocols, and network/security applications.
- Working knowledge and experience in penetration testing and vulnerability assessments.
- Knowledge of common cybersecurity threats and sources of cybersecurity information.
- Good understanding and knowledge of risk assessment, risk procedures, security assessment, vulnerability management, and penetration testing.