We're a tech-driven, #sustainable #forestry company on a mission to revolutionize the wood industry in #Africa with our disruptive #farmer platform
About this Role
As a Systems Security Engineer, you’ll work cross-functionally to assess risk and help deliver countermeasures that protect company data and systems. You’ll play a critical role in advising peers, managers, senior leaders, and different stakeholders to help influence and drive compliance in data governance, systems compliance, regulatory obligations, and other information security goals.
This role will be based at our Kenya headquarters in Nairobi.
What you’ll do
- Assess the security of Komaza’s systems, applications, and services, discovering and addressing security issues, building security automation, and promptly reacting to new threat scenarios by developing simple solutions to complex business problems, while following security engineering best practices.
- Architect and implement enterprise-level security solutions for our cloud environments in AWS and other third-party SaaS services.
- Implement continuous monitoring, intrusion detection and prevention systems, and other security monitoring for our critical data systems and recommend actions to remedy security concerns.
- Support and champion the implementation of Komaza’s Cybersecurity framework to support system controls, threat monitoring and detection, vulnerability assessment, and detection of cyber attacks across applications, data systems, and network services.
- Implement protocols and procedures around third-party systems integration to avoid data loss and cyber-attacks through misconfigured and publicly exposed systems.
- Develop information security guidelines, policies, and regular training sessions and support the execution of the Business Continuity Management (BCM) framework.
- Design, implement and centrally manage an Identity and Access Management (IAM) platform to ensure all Komaza systems and allow effective onboarding and offboarding of system users.
- Support external data systems audit process and promptly resolve identified areas of concern with all stakeholders.
What you have
- Bachelor’s degree in Computer Science, Information Systems, Information Technology, or any other related field.
- Security Certification in either CEH, CISSP, or CISM is a must.
- 4+ years of hands-on experience in system security management across different IT domains including network services, operating systems, databases, and web applications.
- Deep understanding of network and web-related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, and routing protocols) and security processes, framework cyber risk remediation analysis.
- Experience with scripting programming languages (e.g., Python, Golang) is strongly preferred.
- An understanding of the software development lifecycle and web services, and how they interact with security protocols and application access.
- Strong understanding of NIST, Critical Security Controls, and Zero Trust Architecture.
- Extensive experience and understanding of security operations and automation tools and appliances including UTM (unified threat management) devices, firewalls, proxy servers, and endpoint protection at an organizational level.
- Experience working with Cloud/ SaaS architectures on either AWS, MS Azure, or Google Cloud Compute.
You are also
- Great at stakeholder management
- Positive, energetic self-starter with a high level of personal drive and resilience
- A people person and a great team leader
- Able to adapt to fluid, rapidly changing environments
- A meticulous individual, and an analytical and critical thinker
- Great written and spoken communication skills
About the team
With plans to grow the largest forestry company in Africa, IT plays a critical role in operations and strategy at Komaza. With investment in the latest technology and business systems, we believe in robust and efficient systems to support all our key business operations while at the same time enabling our employees to be more productive and work efficiently. You’ll be part of a team that functions independently to offer first-class service delivery and with ambitious plans to create, improve and leverage better technology for Komaza. We are looking for a highly experienced and collaborative security engineer to lead the security management of our business systems and support the future of tech at Komaza.