Detailed Job Description
The IT Risk analyst shall be primarily responsible for security monitoring across the organization’s infrastructure.

Specific job description shall include:
Monitor Unified Payments applications, networks and databases for attacks, intrusions and other unusual activities.
Monitoring events and activities via the Security Incident and Event Management (SIEM) platform and other security tools.
Perform security event and incident correlation using information gathered from a variety of sources within the enterprise.
Analysis of events to identify/detect cyber-attacks/intrusions, anomalous activities, and misuse activities. This includes providing remediation plan and consulting with IT for implementation of remediation strategy.
Vulnerability assessment, remediation management and coordination of penetration testing activities.
Review of threat intelligence, identification of vulnerable assets and implementation of threat prevention plan.
Investigating security alerts and provide adequate incident response.
Endpoint detection and response to ensure threats are managed.
Keeping abreast with emerging cyber security threats, trends and proffering actionable solutions to mitigate them.
Evaluation of the Company’s security products for improvement purposes.
Designing and reviewing of the company’s information security systems and programs.
Identifying potential weaknesses and implementing measures to mitigate them.
Assists with tracking and documenting cyber incidents from initial detection through final resolution.
Liaising with stakeholders in relation to cyber security issues and provide recommendations.
Generating periodic reports for both technical and non-technical stakeholders.
Assist with the creation, maintenance and delivery of cyber security awareness training for staff.

Preferred Qualification
HND / BSC / B.Tech in Cybersecurity, Mathematics, Computer Science, Computer Engineering or any Social Science discipline.
CISA, CISM, CRISC, CEH, CISSP, GIAC or similar security certification is highly desired.
Experience level: 0-5 years experience

The Successful Candidate shall have:
Knowledge of cyber and information security program management and frameworks (e.g. STIG, NIST CSF, ISO/IEC 27000, PCI, CobiT, CIS etc.) and the ability to translate information security policies into operational processes.
Advanced vulnerability management and threat detection skills.
Skilful use of tools such as Intrusion Prevention and Detection Systems (IPS/IDS), Security Information and Event Management (SIEM) tools, Threat Intelligence and vulnerability scanning tools etc.
Extensive and proficient use of security monitoring tools
Excellent verbal and written communication skills to develop positive relationships and effectively communicate with business partners, and all levels of management.
Extremely responsive, with a strong sense of urgency.
Excellent analytical skills in order to identify and communicate security risks and appropriate measures needed to help mitigate those risks.
Must be comfortable in conducting independent research of issues and inquiries in order to provide guidance when requested.
Self-motivated, innovative, creative and possess a passion for excellence and continuous improvement.

Application Closing Date
20th March, 2020.

How to Apply
Interested and qualified candidates should send their CV to: recruitment@up-ng.com using the Job Title as subject of the email.