Cyber Security Specialist at George Houston Resources Limited (GHR)

George Houston Resources Limited (GHR) – Our client, a major Tech firm on the Island of Lagos, is looking to fill the following positions:

Title: Cyber Security Specialist

Location: Island, Lagos

Employment Type: Full-time

Industry: Telecommunication (ICT)

Job Responsibilities

• Drive the automation of Security Baseline configuration using enterprise tools like Puppet and Ansible.
• Manage the Database security program, including onboarding, discovery, use cases, upgrades, and regular assessments, utilizing the Imperva tool.
• Assess and establish mitigation steps in response to perceived security threats, ensuring appropriate treatment and escalation when necessary. Coordinate security systems disciplines during active threats.
• Provide expert technical insights and industry perspectives for creating, delivering, and integrating complex and comprehensive security solutions and architectures.
• Collaborate and act as a security architecture liaison with other IT areas, designing and recommending new security solutions as needed.
• Liaise with relevant functions to ensure timely closure of incidents and vulnerabilities.
• Regularly evaluate security controls as part of the Security Assessment program, proposing remedial actions for identified baseline variances.
• Support the implementation of risk assessment exercises across the Information Technology function to identify and address information security weaknesses.
• Implement standards for testing methodologies, techniques, and procedures, and maintain a robust quality standard program.
• Lead IT control assessments and compliance exercises.
• Support controls design for Operating Systems, Applications, and Database Security, including implementation, assessments, and reporting.
• Monitor compliance with information security policies, procedures, and standards through planned and ad-hoc audit and review exercises.
• Collaborate with relevant functions/stakeholders to implement information security as defined by MTN Nigeria.
• Manage escalated issues within the information security domain along with relevant stakeholders.
• Maintain key metrics that indicate the security posture of MTNN infrastructure.
• Produce executive dashboard security reports, presenting actionable insights from IT Security monitoring tools.

Qualifications / Requirements

• A minimum of a First Degree in Computer Science, Engineering, Information Technology/Systems, or a related discipline is preferred.
• Minimum of 5 years of experience in Cybersecurity or roles with a focus on Application, Operating systems, and Database security.
• Experience with Windows/Unix/Linux Operating systems, with a cybersecurity focus.
• Relevant industry certifications such as CISSP, CISA, CRISC, CISM, CompTIA+, Imperva Database Administrator, Puppet Practitioner, CASP+ CEH, GCIH, GCIA, OSCP.
• Experience with SIEM (Arcsight), EDR (Falcon Crowdstrike), Packet Analysis, HIPS/NIPS, Network Monitoring tools, ServiceNow Ticketing, and Database Security.
• Technical experience in Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, and Technical systems baseline governance and implementation.
• Proven experience with best practices, frameworks, and standards implementation across technology stacks, Auditing across varying technology, integrating log sources to a SIEM, and offense/alerts tuning.
• Proven experience in penetration testing and the use of offensive Security Red team tools.
• Proven experience in business continuity and the use of defensive Blue team tools.
• Proven experience in identifying, developing, implementing, and evaluating risk response options, providing management with information for risk response decisions.
• Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring adherence to standards and best practices.
• Proficiency in SQL is desirable (minimum Intermediate level).
• Experience with database security administration tools, security assessments, and secure database configuration.
• Knowledge and implementation of best practices and hardening frameworks such as DISA, CIS, NIST, ISO, PCIDSS, etc.

Salary

• Very attractive.

Deadline: 28th September, 2023.

How to Apply: Interested and qualified candidates should send CV to: [email protected] using “CYBER SECURITY SPECIALIST” as the subject of the mail.