Ads by Google

IT Security Analyst

Job purpose

  • The IT Security Analyst will play a key role in maintaining and continuously improving subsidiary’s cybersecurity monitoring and control framework, ensuring that effective cybersecurity threat, vulnerability and incident management practices are incorporated into IT and business practices within subsidiary.
  • Maintaining and facilitating security logs and incident management, analytics and reporting capacities is a primary focus of the position.
  • Working closely with global, regional and local Information Security and IT resources to design, test and monitor effective cybersecurity controls is another key responsibility of the position.

Essential Duties

  • Facilitating implementation and maintenance of IT Security Controls within the subsidiary and ensuring delivery of locally assigned IT security tasks and activities
  • Monitoring security logs and incidents
  • Assessing and documenting subsidiary’s technical compliance of subsidiary’s with security policies
  • Playing a key role in Information Security incident response and reporting in subsidiary
  • Working with security and IT staff to resolve identified cybersecurity issues
  • Developing and maintaining documentation of relevant IT systems and security controls
  • Developing recommendations for cybersecurity improvements
  • Monitoring appropriate external and internal sources for newly identified threats and vulnerabilities
  • Assessing existing systems against those threats and vulnerabilities
  • Assessing and documenting cybersecurity posture of 3rd-party vendors and their services against FINCA standards
  • Utilizing appropriate tools to evaluate business environment against security policy and risk posture
  • Network vulnerability scanning
  • Device configuration management
  • Application testing
  • Network monitoring
  • Log review
  • Threat modeling
  • Source code review
  • Other techniques as appropriate
  • Communicating and collaborating with internal clients to contribute to security direction, and providing influence and technical guidance on current and future technical security directions
  • Acting as a cybersecurity subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support
  • Ensuring that application development, design and deployment meet FINCA security standards
  • Providing input to the annual IT Security budget cycle
  • Other Duties As Assigned
  • Key Relationships
  • Global and Regional IT Security Analysts
  • Global, Regional and Subsidiary IT Management
  • Global Information Security Team
  • Subsidiary Management Team & Board
  • Risk and Compliance Department
  • Global Business Continuity and Crisis Management Team
  • Internal Audit
  • Key Deliverables
  • Playing a key role in Cybersecurity Analytics and Incident Response Processes
  • Periodic Reporting on
  • Cybersecurity Status
  • Technical Security Assessment Results (Penetration tests, Vulneraiblity Scans, Code Scans)
  • Continuously Supporting o implementation and formalization of security and continuity plans, policies, guidelines and procedures
  • Risk and compliance activities to conform with security policy documents
  • IT security technical consulting
  • Researching security issues and providing evaluations and recommendations to management

Job Requirements

  • Education & Experience
  • Bachelor’s degree in computer science, cyber security, management information systems, or
  • 5 plus years of demonstrated experience in an IT security analyst role, preferably within international environment.
  • Experience with microfinance or banking organizations preferred.
  • Working knowledge of national and international security regulatory compliances and frameworks such as ISO 27001, NIST, COBIT and PCI DSS.
  • Experience with conducting technical assessments and communicating assessment results to audiences with diverse technical proficiency (tool examples Qualys, Tenable, Rapid7)
  • Experience constructively articulating business impact of vulnerabilities to various stakeholders
  • Experience with multiple platforms (i.e. Windows, Unix/Linux, etc.)
  • Experience with correlating and analyzing logs and events, producing and customizing security queries, reports and dashboards from various sources (e.g. Vulnerability Scanning, Virus Protection, SIEM examples Splunk, McAfee, Arcsight)
  • Understanding of security technologies, including access control, auditing, log management, IDS/IPS, firewalls, antivirus & malware desired, Data Leak Prevention, mobile technologies, application security desired
  • Experience with scripting languages desired
  • Certifications
  • Industry Certifications (e.g. CISSP, SANS GSEC / GCIH / GCIA) holders preferred
  • Security vendor certifications (e.g. Cisco, TrendMicro, Splunk, Qualys) is a plus.
  • Competencies
  • High Integrity and Ethics
  • Security Acumen
  • Communication and presentation skills
  • Team Player
  • Virtual Team Working
  • Language Skills
  • Fluency in English is required.Fluency in local language is highly desired

How to Apply

Submit your CV and application on company website:

Ads by Google
FINCA Zambia
FINCA Zambia
Lusaka
Business loans
Savings products
Other services
FINCA Zambia is a subsidiary of FINCA International, a global micro finance network that offers financial services and products to small scale businesses. FINCA helps its clients achieve their life goals conveniently to build a business, acquire assets, improve their living conditions or invest. The company provides well-designed, responsible, and affordable products including micro and small business loans, credit lines, savings, transactional services and more. For your convenience, FINCA has a secure mobile banking service and over 75 express agents.
New businesses
New jobs