Job Description

Job Summary

Delon Jobs is helping a leading Insurance company in Nigeria to hire Lead, Security Architecture and Engineering in Lagos. The successful candidate will contribute to the overall reduction of information security risks and related incidents by design implementation and maintenance of effective system security solutions and initiatives across end user’s systems, applications, networks, servers, and other IT infrastructure.

Gross Salary is between 6.5 M-8M per annum. Please read additional requirements below before applying. If you are interested in the position, kindly send cover letter and updated CV to cv@delonllc.com, and ensure you make your email subject ‘Lead, Security Architecture and Engineering ’

Job Description:

In addition to the job summary details, the following are other requirements and important information:

Duties & Responsibilities

Security Operations and Monitoring

• Responsible for the continuous monitoring and identification of threats through monitoring
• of end user’s applications, networks, systems, and other access to other assets.
• Lead the planning and design activities for the security monitoring operations, under the directives of the

Chief Information Security Officer.

• Participate in the creation of enterprise security policies, standards, baselines
• Monitor, identify, investigate & resolve security breaches detected by installed security solutions.
• Implementation and manage log retention policy across multiple platform and systems.
• Review logs/alerts and reports of all in-place security and infrastructural devices.
• Ensure that sufficient trails are maintained and retained and retrievable for forensic analysis and

investigation

• Direct scheduling and ad-hoc security and compliance reporting.
• Monitor and advice on information security issues related to the systems and workflow to ensure the

internal security controls are appropriate and operating as intended.

• Participate in security tool selection, pilot and implementation
• Maintain security operation centre awareness program and communicate security operations center

action plans and security bulletins

Security Operations and Monitoring

• Responsible for the continuous monitoring and identification of threats through monitoring
• of end user’s applications, networks, systems, and other access to other assets.
• Lead the planning and design activities for the security monitoring operations, under the directives of the

Chief Information Security Officer.

• Participate in the creation of enterprise security policies, standards, baselines
• Monitor, identify, investigate & resolve security breaches detected by installed security solutions.
• Implementation and manage log retention policy across multiple platform and systems.
• Review logs/alerts and reports of all in-place security and infrastructural devices.
• Ensure that sufficient trails are maintained and retained and retrievable for forensic analysis and

investigation

• Direct scheduling and ad-hoc security and compliance reporting.
• Monitor and advice on information security issues related to the systems and workflow to ensure the

internal security controls are appropriate and operating as intended.

• Participate in security tool selection, pilot and implementation
• Maintain security operation centre awareness program and communicate security operations center

action plans and security bulletins

Responsible for the design, implementation and maintenance of effective systems security solutions

• Lead the planning and design activities for the enterprise security architecture, under the directives of the Chief Information Security Officer.
• Participate in the creation of enterprise security policies, standards, baselines
• Constantly assess the organizations exposure to information security threats and develop appropriate counter measures
• Develop security baselines in line with CIS standards for various IT Infrastructure including Applications, Databases, Routers, Switches, Servers, Virtual machines etc.
• Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
• Installing firewalls, data encryption and other security measures
• Participate in the deployment of tested security patches and updates.
• Responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect a network
• Identify vulnerabilities and monitor remediation. Pro-actively take steps to avoid security breaches.
• Manage external vulnerability assessment and penetration testing exercises.
• Prepare various reports for management decision making

Knowledge/Qualification

• Bachelor’s and/or Advanced degree in Computer Science or any related disciplines (minimum of 2)
• Professional certification like CISSP, CISM, ISO27001, CEH
• A minimum of five (5) years relevant experience in Information Security with at least (3) years in Enterprise
• Demonstrable experience working with network security and networking technologies as well as with systems, security, and network monitoring tools.
• Hands on   experience   in   security   systems, including firewalls, intrusion detection/prevention     systems, anti-virus     software, authentication systems, log    management, content filtering, SIEM, NAC, FIM, WAF and DAM etc.
• Demonstrable familiarity    with    web-related technologies (web applications, web services, service-oriented architectures), and network/ web-related protocols.
• Thorough understanding of the latest security principles, techniques, and protocols

Skills/Competencies

• Security Controls and Systems design
• Incident Response Escalations
• Security Project Management
• IT and External Project Participation
• Excellent Problem-solving skills
• Good management and interpersonal skills.
• Proactive, Resourceful and   hands-on   with   good initiative.