Job Description
Job Summary
Delon Jobs is helping a leading Insurance company in Nigeria to hire Lead, Security Architecture and Engineering in Lagos. The successful candidate will contribute to the overall reduction of information security risks and related incidents by design implementation and maintenance of effective system security solutions and initiatives across end user’s systems, applications, networks, servers, and other IT infrastructure.
Gross Salary is between 6.5 M-8M per annum. Please read additional requirements below before applying. If you are interested in the position, kindly send cover letter and updated CV to cv@delonllc.com, and ensure you make your email subject ‘Lead, Security Architecture and Engineering ’
Job Description:
In addition to the job summary details, the following are other requirements and important information:
Duties & Responsibilities
Security Operations and Monitoring
- Responsible for the continuous monitoring and identification of threats through monitoring
- of end user’s applications, networks, systems, and other access to other assets.
- Lead the planning and design activities for the security monitoring operations, under the directives of the
Chief Information Security Officer.
- Participate in the creation of enterprise security policies, standards, baselines
- Monitor, identify, investigate & resolve security breaches detected by installed security solutions.
- Implementation and manage log retention policy across multiple platform and systems.
- Review logs/alerts and reports of all in-place security and infrastructural devices.
- Ensure that sufficient trails are maintained and retained and retrievable for forensic analysis and
investigation
- Direct scheduling and ad-hoc security and compliance reporting.
- Monitor and advice on information security issues related to the systems and workflow to ensure the
internal security controls are appropriate and operating as intended.
- Participate in security tool selection, pilot and implementation
- Maintain security operation centre awareness program and communicate security operations center
action plans and security bulletins
Security Operations and Monitoring
- Responsible for the continuous monitoring and identification of threats through monitoring
- of end user’s applications, networks, systems, and other access to other assets.
- Lead the planning and design activities for the security monitoring operations, under the directives of the
Chief Information Security Officer.
- Participate in the creation of enterprise security policies, standards, baselines
- Monitor, identify, investigate & resolve security breaches detected by installed security solutions.
- Implementation and manage log retention policy across multiple platform and systems.
- Review logs/alerts and reports of all in-place security and infrastructural devices.
- Ensure that sufficient trails are maintained and retained and retrievable for forensic analysis and
investigation
- Direct scheduling and ad-hoc security and compliance reporting.
- Monitor and advice on information security issues related to the systems and workflow to ensure the
internal security controls are appropriate and operating as intended.
- Participate in security tool selection, pilot and implementation
- Maintain security operation centre awareness program and communicate security operations center
action plans and security bulletins
Responsible for the design, implementation and maintenance of effective systems security solutions
- Lead the planning and design activities for the enterprise security architecture, under the directives of the Chief Information Security Officer.
- Participate in the creation of enterprise security policies, standards, baselines
- Constantly assess the organizations exposure to information security threats and develop appropriate counter measures
- Develop security baselines in line with CIS standards for various IT Infrastructure including Applications, Databases, Routers, Switches, Servers, Virtual machines etc.
- Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
- Installing firewalls, data encryption and other security measures
- Participate in the deployment of tested security patches and updates.
- Responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect a network
- Identify vulnerabilities and monitor remediation. Pro-actively take steps to avoid security breaches.
- Manage external vulnerability assessment and penetration testing exercises.
- Prepare various reports for management decision making
Knowledge/Qualification
- Bachelor’s and/or Advanced degree in Computer Science or any related disciplines (minimum of 2)
- Professional certification like CISSP, CISM, ISO27001, CEH
- A minimum of five (5) years relevant experience in Information Security with at least (3) years in Enterprise
- Demonstrable experience working with network security and networking technologies as well as with systems, security, and network monitoring tools.
- Hands on experience in security systems, including firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management, content filtering, SIEM, NAC, FIM, WAF and DAM etc.
- Demonstrable familiarity with web-related technologies (web applications, web services, service-oriented architectures), and network/ web-related protocols.
- Thorough understanding of the latest security principles, techniques, and protocols
Skills/Competencies
- Security Controls and Systems design
- Incident Response Escalations
- Security Project Management
- IT and External Project Participation
- Excellent Problem-solving skills
- Good management and interpersonal skills.
- Proactive, Resourceful and hands-on with good initiative.