Senior Manager, Senior Security Domain Architect

ABOUT THE COMPANY

Equity Bank Kenya Limited, is a financial services provider headquartered in Nairobi, Kenya. It is licensed as a commercial bank, by the Central Bank of Kenya, the central bank and national banking regulator.

JOB SUMMARY

Knowledge and ExperienceA Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of studyMinimum 10+ years of increasingly diverse and complex experience in field of Cybersecurity within a global environment, with at least a minimum of 5+ years in security architecture and network, and infrastructure securityNetwork Security Architecture – Deep technical understanding of designing and securing of both WAN and LAN environments including SD WAN, MPLS, VPN, Segmentation, Micro-Segmentation,Factory Segmentation, Routing and Switching. Routing and Switching design, deployment and OperationsProfessional certifications such as TOGAF, SABSA or IAF architecture frameworks. CEH, CISA, CCISO, CISSP, GIAC, ISO 27001 LA/LI or specific security product certifications are an assetCloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings. Experience designing network security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS serviceExperience designing, implementing, deploying and operating vulnerability scanning infrastructure and services

RESPONSIBILITIES

Provide expert direction in implementing Xylem’s enterprise security architecture strategy for platforms, applications, security services, network security and infrastructure, while considering potential risks in the organization’s current technology deployments, to build a successful and strong enterprise security postureSecure and automate capabilities through collaboration with InfoSec, Compliance, Cyber Defense, Product Security and Engineering resources.Define and advise on the design, implementation and processes necessary to protect information system assetsTranslate business requirements, risk assessments, high-level policies and controls towards security architecture requirements and designs for existing or new security services and projects on business and IT side.Participate in discussions regarding the high level IT and operational process design and implementation of security in projectsAct as a security subject matter expert for Cloud, IOT, Blockchain, IAM, Data and Application, Network, Database and Infrastructure domainAdditional knowledge on other domains will be used to assist other Cyber Security Domain Architects covering other security domains (for example mainframe, data, PKI and cryptography, network security, platform security, IAM, application security, devsecops etc.)Your stakeholders are mainly business owners/analysts, project leaders, enterprise architecture, risk management, internal/external auditors and IT engineers, developers and solution designersResponsible for application security but with a good working knowledge of other security domains(Cryptography, Identity and Access Management, Threat and Vulnerability Management, Infrastructure and Networks and Auditing, Logging and Compliance)Proven ability to follow global established standards in digital evidence acquisition and handling, experience with conducting digital investigations and incident responses and experience in managing insider threats and cyber and data exfiltration incidencesSupport the delivery of the 3 year Cyber security roadmap to maintain and optimize the AdvancedCyber Security & Emerging technologies / controls capabilityLead the enhancement and optimization of implemented reporting mechanisms to demonstrate the value of the Advanced Cyber Security & Emerging technologies / controls function with tangible benefitsFollow information security policies, methods, standards, National Institutes of Standard and Technology (NIST) standards and practices to organizational information systems, IT reference materials and interpret regulationsHelp coordinate the implementation of security programs across all agency platformsAssist with Active Directory access and Group Policies, Internet intrusion detection, Internet filtering, and monitoring of employee access, virtual private networking (LAN/WAN) securityAssist and participate with the Senior IT Specialist as an advisor in projects to enhance or develop new IT systems, or to study the feasibility of acquiring new technologyStrategy:Understand information security domain of Network, Application, Infrastructure, and DatabaseDocument and communicate security architecture to the GM, Enterprise Security Architecture team and the Chief Information Security Officer respectively.

REQUIRED SKILLS

Active directory (AD), Risk management, System and network security, Information security

REQUIRED EDUCATION

Bachelor's degree