Principal Engineer – Cyber Security Architecture at NCBA Group

Job Description

Job Purpose Statement

Reporting to the Senior Manager, Cyber Security Architecture, the role holder is responsible for designing and implementing cyber security systems in line with best practices to ensure they meet all requirements including adequate security, capacity, and performance.

The role is also in charge of the day-to-day running of the Cyber Security solutions and services to ensure 99.999% uptime. They will provide technical security expertise and 2nd level support to staff and external partners to ensure the efficient use of systems and tools.

Key Accountabilities (Duties and Responsibilities)

Architecture & Governance 30%

They will develop security architecture best practices and ensure they incorporated in the implementation of technology systems.
Periodically benchmark and review the security architecture in line with best practice and business strategy.
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.

Security Engineering 40%

Architect and design cyber security systems in line with best practices to ensure they meet user requirements including adequate security, capacity, and performance.
Define cyber security requirements and acceptance criteria for new systems.
Recommend major upgrades where required and liaise with the operations team when doing the upgrades especially if it affects the design/architecture of the system.
Do the technical evaluations and PoCs on Technology and Security solutions.
Conduct research and development on new areas in security and present on them for sensitization and knowledge transfer to other team members/staff.
Ensure all security systems implemented have high availability and disaster recovery in accordance with best practices.

Research and Development 25%

Research on emerging technologies such as cloud, AI, and Quantum computing to identify applicable threats and their mitigations.
Direct and mentor & develop team members and vendors assigned to the department.
Automate cyber processes and risk mitigation.
Ensure attendance of research & innovation sessions with other teams such as Digital Engineering and Enterprise architecture.

People and Leadership 5%

Direct and supervise the team members and vendors assigned to the department.

Job Specifications
Academic:

University degree, in Computer Science or technical field.
Professional:

Information security certifications e.g. CISSP/CISM/CISA/CEH
Information Technology certifications are desirable: ITIL, COBIT, TOGAF, PRINCE2, ISO, Cloud technology.
Strong understanding of common best practices, frameworks, and regulations (ISO 27001, ISO22301, OWASP, MITRE ATT&CK, CIS, etc).
Experience in implementing security solutions such as IPS, SIEM, DLP, AD, DAM, PKI etc.

Desired work experience:

At least 3 years’ experience in Information Technology management.