UP otherwise known as Unified Payment Services Limited is Nigeria’s premier Payments & Financial Technology company founded in 1997 by a consortium of leading Nigerian banks. UPо operates as a shared infrastructure for the banking community in Nigeria and Payments Service Provider within and outside Nigeria, with a vision to be the most preferred e-payment service provider in Africa.
Job Title: IT Risk Analyst
- The IT Risk analyst shall be primarily responsible for security monitoring across the organization’s infrastructure.
Specific job description shall include:
- Endpoint detection and response to ensure threats are managed.
- Keeping abreast with emerging cyber security threats, trends and proffering actionable solutions to mitigate them.
- Evaluation of the Company’s security products for improvement purposes.
- Designing and reviewing of the company’s information security systems and programs.
- Identifying potential weaknesses and implementing measures to mitigate them.
- Assists with tracking and documenting cyber incidents from initial detection through final resolution.
- Liaising with stakeholders in relation to cyber security issues and provide recommendations.
- Generating periodic reports for both technical and non-technical stakeholders.
- Assist with the creation, maintenance and delivery of cyber security awareness training for staff.
- Monitor Unified Payments applications, networks and databases for attacks, intrusions and other unusual activities.
- Monitoring events and activities via the Security Incident and Event Management (SIEM) platform and other security tools.
- Perform security event and incident correlation using information gathered from a variety of sources within the enterprise.
- Analysis of events to identify/detect cyber-attacks/intrusions, anomalous activities, and misuse activities. This includes providing remediation plan and consulting with IT for implementation of remediation strategy.
- Vulnerability assessment, remediation management and coordination of penetration testing activities.
- Review of threat intelligence, identification of vulnerable assets and implementation of threat prevention plan.
- Investigating security alerts and provide adequate incident response.
- CISA, CISM, CRISC, CEH, CISSP, GIAC or similar security certification is highly desired.
- Experience level: 0-5 years experience
- HND / BSC / B.Tech in Cybersecurity, Mathematics, Computer Science, Computer Engineering or any Social Science discipline.
The Successful Candidate shall have:
- Excellent verbal and written communication skills to develop positive relationships and effectively communicate with business partners, and all levels of management.
- Extremely responsive, with a strong sense of urgency.
- Excellent analytical skills in order to identify and communicate security risks and appropriate measures needed to help mitigate those risks.
- Must be comfortable in conducting independent research of issues and inquiries in order to provide guidance when requested.
- Self-motivated, innovative, creative and possess a passion for excellence and continuous improvement.
- Knowledge of cyber and information security program management and frameworks (e.g. STIG, NIST CSF, ISO/IEC 27000, PCI, CobiT, CIS etc.) and the ability to translate information security policies into operational processes.
- Advanced vulnerability management and threat detection skills.
- Skilful use of tools such as Intrusion Prevention and Detection Systems (IPS/IDS), Security Information and Event Management (SIEM) tools, Threat Intelligence and vulnerability scanning tools etc.
- Extensive and proficient use of security monitoring tools
Interested and qualified candidates should send their CV to: email@example.com using the Job Title as subject of the email.
Application Deadline 20th March, 2020.