IT Security Engineer (Part-Time) [Kenya]

Company Description

From a humble beginning in 1936 in Nakuru, our company is now the company behind a wide range of power generation, automotive, construction and industrial engineering products in East Africa. Today, our product range represents several international brand names.

Job Description

We are seeking a skilled IT Security Engineer to join our team and help safeguard our organization’s IT infrastructure. The IT Security Engineer will design, implement, and maintain our security systems to protect our data and systems from cyber threats. This role requires both technical expertise in network and systems security and the ability to adapt to evolving threats.

Qualifications

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• Experience: 3+ years of experience in IT security, systems engineering, or a similar role.
• Certifications: Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are preferred.
• Technical Skills:
  • Proficiency with security systems (e.g., firewalls, VPNs, IDS/IPS).
  • Knowledge of risk management, vulnerability assessment, and incident response.
  • Familiarity with SIEM tools, penetration testing tools, and scripting languages (e.g., Python, PowerShell).
  • Understanding of network protocols, cloud security, and secure architecture principles.
• Soft Skills:
  • Excellent problem-solving and analytical skills.
  • Strong communication skills and ability to work cross-functionally.
  • Attention to detail and a proactive approach to identifying risks.

Additional Information

Key Responsibilities:

1. Security Infrastructure Design & Implementation
   • Develop, implement, and maintain security solutions, including firewalls, antivirus, SIEM, IDS/IPS, and encryption protocols.
   • Design secure network solutions that protect our internal systems from external threats.
2. Monitoring & Incident Response
   • Monitor security systems for potential incidents, conduct security analysis, and respond to incidents effectively.
   • Investigate security breaches and other cyber threats and take appropriate action to mitigate risks.
3. Risk Assessment & Vulnerability Management
   • Regularly conduct vulnerability assessments, penetration testing, and security audits.
   • Collaborate with IT teams to identify vulnerabilities and provide guidance on remediation.
4. Policy Development & Compliance
   • Develop and enforce security policies, standards, and procedures to ensure compliance with industry regulations (e.g., GDPR, HIPAA).
   • Assist in regulatory audits and ensure that all security standards are met.
5. Team Education & Security Awareness
   • Conduct training sessions and create documentation to educate employees on security best practices.
   • Foster a security-aware culture across all departments within the organization.
6. Continuous Improvement
   • Stay updated on the latest security trends, threats, and technologies.
   • Recommend and implement upgrades to improve our security posture as threats evolve.