Systems Security Analyst IV – 4 Posts

Job Ref: HR: KP1/5B.2/1/3/1185

Introduction: Kenya Power, an equal opportunity employer, is currently seeking four qualified Systems Security Analysts to join our dynamic team. Reporting to the Principal System Analyst, you will play a crucial role in implementing, reviewing, and aligning ICT Systems, Databases, and Business applications to ensure compliance with industry standards and safeguard the Company’s data and information.

Responsibilities:

1. Implementing Security Controls:
   • Collaborate with database administrators, systems developers, and application owners to review and implement security controls that mitigate system security threats and risks throughout the system/program life cycle.
2. Identifying Security Control Gaps:
   • Identify security control gaps in systems development, acquisition, and maintenance, ensuring proper identification, analysis, and mitigation of threats.
3. Incident Handling and Investigations:
   • Participate in investigations on computer security compromises, incidents, or problems and recommend corrective actions.
4. Monitoring and Audit:
   • Review application, system, and database logs and audit trails to identify violations and ensure compliance with procedures and processes.
5. Research and Awareness:
   • Stay updated on emerging threats and vulnerabilities in information security, adopting the latest technologies and developments.
6. Version and Patch Management:
   • Review version and patch management procedures and implement measures to enhance and improve the same.
7. Automation and Enhancement:
   • Automate and enhance monitoring of business applications, databases, and systems, including user and process activities.
8. Security Enhancements and Innovation:
   • Develop security and productivity-enhancing improvements and innovations.
9. Access Regulation and Security Measures:
   • Coordinate security measures for information systems to regulate access and prevent unauthorized modification, destruction, or disclosure of information.
10. Security Awareness and Efficiency:
    • Promote security awareness to improve server and network efficiency and ensure system security.
11. Consultation and Programming Changes:
    • Consult with users on data and information access and processing needs to mitigate security violations and programming changes.
12. Audit Monitoring Systems:
    • Recommend modifications or updates to audit monitoring systems and solutions for new applications, databases, systems, or individual access changes.
13. Coordination of System Changes:
    • Coordinate the execution of implementation plans for system changes/upgrades to alleviate security violations.
14. Risk Assessments and Compliance:
    • Perform risk assessments, execute tests on applications, and ensure data availability, confidentiality, integrity, and compliance with standards and process activities. Advise/recommend corrective actions.
15. Access Management Reports:
    • Maintain access management reports and processes to identify access events, exceptions, or trends requiring investigation, remediation, or mitigation.
16. Information Security Planning and Certification:
    • Contribute to information security planning, assessments, risk analysis, risk management, certification, and awareness activities for system operations.

Qualifications:

• Bachelor of Science Degree in Information Security, Computer Science, Information Technology, Electrical & Electronics Engineering, or a related field from a recognized Institution.
• Possession of an entry-level Information Security Certification from a recognized institution.
• Experience and knowledge in Network, Operating Systems, and Database Security will be an added advantage.
• One (1) year relevant working experience in Information Security from a reputable organization.

Technical Capabilities & Key Competencies:

• Experience in system vulnerability checks and threats analysis, including penetration testing.
• Proficiency in computer applications, Server Systems administration, Database Servers, Programming, and Systems analysis.
• Understanding of best practices in systems security and controls.
• Good project management skills.
• Excellent planning, presentation, and evaluation skills.
• Creativity and innovation.
• Drive for results and achievement.
• Insightful, proactive, and future-focused.
• Demonstrates a high level of integrity.

How to Apply:

Interested applicants should submit their applications online by visiting the Kenya Power website on http://www.kplc.co.ke. Please attach a detailed Curriculum Vitae, copies of academic and professional certificates, and other testimonials. The deadline for submissions is Friday, 4th August 2023.

Note:

• Background verification may be conducted during the recruitment process.
• Only shortlisted candidates will be contacted.
• Candidates offered employment will need to present the following clearance certificates:
  • Valid Certificate of Good Conduct from the Directorate of Criminal Investigations.
  • Valid Clearance Certificate from Higher Education Loans Board (HELB).
  • Valid Tax Compliance Certificate from Kenya Revenue Authority (KRA).
  • Current Clearance from the Ethics and Anti-Corruption Commission (EACC).
  • Current Report from an approved Credit Reference Bureau (CRB).
• Canvassing will lead to automatic disqualification.

Recommendations for Applicants:

• Thoroughly review and understand the job responsibilities and qualifications before applying.
• Tailor your application to highlight relevant experience and skills in systems security and controls.
• Showcase your knowledge of emerging threats and information security technologies.
• Demonstrate your ability to coordinate and implement system changes/upgrades.
• Emphasize your understanding of risk assessments and compliance measures.
• Provide clear and accurate contact details for efficient communication.
• Ensure your Curriculum Vitae and certificates are up-to-date and well-presented.
• Prepare for potential background verification by having the required clearance certificates ready.
• Avoid canvassing, as it will result in automatic disqualification.