Security Analyst

ABOUT THE COMPANY

Jubilee Insurance was established in August 1937, as the first locally incorporated Insurance Company based in Mombasa in 1937. Jubilee Insurance has spread its sphere of influence throughout the region to become the largest Composite insurer in East Africa, handling Life, Pensions, general and Medical insurance. Today, Jubilee is the number one insurer in East Africa with over 450,000 clients. Jubilee Insurance has a network of offices in Kenya, Uganda, Tanzania, Burundi and Mauritius. It is the only ISO certified insurance group listed on the three East Africa stock exchanges – The Nairobi Securities Exchange (NSE), Dar es Salaam Stock Exchange and Uganda Securities Exchange. Its regional offices are highly rated on leadership, quality and risk management and have been awarded an AA- in Kenya and Uganda, and an A+ in Tanzania.

JOB SUMMARY

The Security Analyst will be responsible for identifying, analysing, and mitigating security threatsand vulnerabilities across the organisation’s operational environments. The role focuses on proactivesecurity testing, threat simulation, and vulnerability assessments to strengthen the organisation’s cyberresilience, support regulatory compliance, and enhance the overall security posture of the organisationRequirementsAcademic Qualifications1. Bachelor’s degree in Computer Science or a related discipline from a recognised institution.2. Information Security certifications such as CEH, OSCP, CompTIA PenTest+, or CRTP.3. Networking certifications such as MCSE, CCNA, or CCNP.4. IT Service Management certification (ITIL).5. Cloud technology competency.Relevant Experience1. Minimum of 3 years’ experience in penetration testing and vulnerability assessments.2. At least 1 year of experience within a medium to large-sized organisation.3. Hands-on experience with security testing tools, secure infrastructure reviews, and modernsecurity technologies.

RESPONSIBILITIES

Strategy1. Support the development and implementation of security strategies and protocols to protectsystems, networks, and data.2. Collaborate with internal stakeholders to assess security risks and recommend preventive andcorrective controls.3. Continuously monitor emerging cyber security threats, technologies, and best practices to enhanceorganisational readiness.Operational1. Conduct penetration testing across internet, intranet, wireless, web applications, social engineering,and physical environments.2. Execute red team exercises to identify gaps in security controls and incident response readiness.3. Identify, analyse, and exploit security vulnerabilities across diverse systems and environments.4. Lead or support penetration testing engagements, including providing technical guidance to juniorteam members.5. Analyse test results and prepare clear, comprehensive reports outlining findings, risks, andremediation recommendations.6. Communicate complex security concepts and findings to technical and non-technical stakeholders,including senior leadership.Corporate Governance1. Ensure compliance with regulatory requirements, industry standards, and internal informationsecurity policies.2. Develop and maintain security documentation, including policies, procedures, and incident responseplans.3. Provide guidance to internal teams on security-related matters and support audit and complianceactivities.People and Culture1. Promote a strong culture of security awareness and shared responsibility across the organisation.2. Support knowledge sharing and skills development within the Cyber Security team.3. Collaborate respectfully and effectively with cross-functional teams to embed security into everydayoperations.4. Model professional conduct, accountability, and ethical behaviour in all security engagements

REQUIRED SKILLS

Information security, Firewalls, Cyber security, System and network security

REQUIRED EDUCATION

Bachelor's degree