Cybersecurity Analyst at Africa RE

Following a recommendation of the African Development Bank (AfDB), the African Reinsurance Corporation (Africa Re) was established on 24 February 1976 in Yaounde, Cameroon. An international Agreement was signed by the Plenipotentiaries of 36 member States of the Organization of African Unity (OAU) and the AfDB with the aim of reducing the outflow of foreign exchange from the continent by retaining a substantial proportion of the reinsurance premiums generated therein. That Agreement, known and referred to as the Agreement Establishing the African Reinsurance Corporation confers on Africa Re its current status as well as the legal authority to operate. As at today, Africa Re has 41 member States representing 38.75 % of the capital (end 2010) in addition to the AfDB, which is among the single largest shareholders with 8% of the capital (end 2010). The Agreement also empowers any member State to authorize a national institution, either a bank or an insurance company acting on its behalf, to purchase the shares reserved for the State. In order to allow its cedants to share the Corporation's fortune and participate more closely in its affairs, one-third of Africa Re's capital was opened up in 1992 to insurance companies with a majority indigenous shareholding. A good number of the companies have already subscribed and paid up for the shares allotted to them. To date, more than 100 insurance and reinsurance companies are shareholders of Africa Re with a 32.25 % combined stake (end 2010).

Job Details

RESPONSIBILITIES

• The successful candidate shall report to the Head of Infrastructure Services in the Information & Communications Technology (ICT) Department at the Head Office.

DUTIES / JOB DETAILS

• The main duties of the Cybersecurity Analyst shall comprise, amongst others, the following:
• Analyze, investigate, respond, and recover from/to cybersecurity incidents, events and threats as per the incident response lifecycle.
• Work with professional cybersecurity consultants to manage and maintain all the security controls deployed on the Corporation's network: Network Firewalls, Switches and Routers, Network Access Control (NAC), Security Information and Event Management (SIEM), etc.
• Work alongside senior engineers and subject matter experts (SME) to evaluate and select assessment tools and other cybersecurity technologies to enhance the existing security solutions.
• Understand the Corporation’s IT/security infrastructure and business requirements as well as mitigate security concerns and IT risks as needed.
• Given the rapidly evolving cyber threats landscape, candidate shall maintain an ongoing learning and continually stay abreast of relevant industry updates and changes via conferences, training, and events.
• Monitor and regularly perform security technology reviews and security risk assessments. Serve as a risk advocate and collaborate with the enterprise risk and compliance management department.
• Recommend security solutions to mitigate risk and improve the security posture of the Corporation and the internal environments.
• Continually improve security posture and provide hands-on cybersecurity support to address IT security issues as needed.
• Work closely with other members of the ICT team to implement policies and technology to secure information, computer, network and processing systems.
• Manage and configure tools to monitor activity on the network. Analyze the reports from those tools to identify unusual behavior on the network (detection of cyber threats) and then implement safeguard measures to protect the enterprise network.
• Apply security patches to protect the network and proactively identifies network vulnerabilities through penetration testing, vulnerability scans and generated assessment reports.
• Perform network penetration tests, organize network-based scans to identify possible network security attacks and host-based scans to identify vulnerabilities in workstations, servers and other network hosts.
• Leverage existing integrated platform for users’ security awareness training combined with simulated phishing attacks to regularly educate all workforce involved in using and managing IT assets.

Main Competencies

COMPETENCIES AND ADDITIONAL REQUIREMENTS

• Advanced understanding of cybersecurity principles, methods, and technologies, with a detail-oriented, customer-focused approach.
• Ability to build strong stakeholder relationships for effective cybersecurity measures and excellent presentation skills for non-technical audiences.
• Monitoring systems, implementing security policies, analyzing incidents, and collaborating with IT teams to resolve issues.
• Conducting security audits, tracking incident response metrics, and performing regular risk assessments.
• Flexibility to adapt to changing threats, proficiency in cybersecurity tools, and integrity in handling sensitive information.
• Comprehensive knowledge of current cybersecurity threats, ability to work independently or collaboratively, and proficiency in Microsoft Office and integrated cybersecurity software.

MINIMUM QUALIFICATIONS AND EXPERIENCE:

Applicants must meet the following requirements:

• Holders of Bachelor's degree in cybersecurity or Bachelor's degree in computer science, computer engineering or related field with a concentration or majors in cybersecurity.
• The candidate must have 1-2 years of relevant cybersecurity work experience in enterprise cybersecurity. Experience can be in any discipline of cybersecurity, with a preference for incident response.
• Relevant cybersecurity work experience with knowledge or product expertise in either security testing; security integration and governance; malware analysis; cloud security or risk and compliance.
• Able to contribute to the development of security standards, access controls and compliance requirements based on industry standards and compliance with one or more of the following is preferable: ISO27001, NIST Cybersecurity Framework.
• Applicants that possess knowledge of data security and personal data privacy protection standards, including classification, encryption, Data Loss Prevention (DLP), privacy laws, and regulations, have an advantage.
• Applicants with functional understanding of secure network architecture and the capability to construct, manage, and report metrics that assess the efficacy of security mechanisms will have a competitive edge.
• Candidates must possess any of the following cybersecurity professional certifications: CompTIA's Security+, CompTIA Cybersecurity Analyst, CompTIA Advanced Security Practitioner, CompTIA Security Analytics Expert, Certified Ethical Hacker (CEH) Certification, Offensive Security Certified Professional (OSCP), Certified Security Testing Associate (CSTA), Computer Hacking Forensic Investigator (CHFI), GIAC Penetration Tester (GPEN) or similar industry recognized certifications within the last 2-3 years.

SALARY AND BENEFITS

• The successful candidate shall have the following benefits:
• Competitive Basic Salary on the Corporation’s Support Staff Grade Levels
• Variable pay (Annual Performance Bonus)
• Joint contribution to the Provident Fund (7% of the basic salary paid by staff and 14% by the employer)
• Children education subsidy for each child up to 26 years (maximum 4 children)
• Medical cover for staff and dependents
• Housing Allowance
• Inflation Adjustment Allowance that may increase or decrease depending on the economic situation.
• Additional Requirements

ADDITIONAL REQUIREMENTS FOR CANDIDATES FOR THIS POSITION

• Applicants must be:
• Solution-oriented with an aptitude for solving problems and taking initiative.
• Team player with strong collaboration skills
• Hands-on engineer, highly motivated with a willingness to learn new technologies.
• Able to communicate effectively (written and oral) in English Language
• Working knowledge of French Language will be an added advantage.

Method of Application

Signup to view application details. Signup Now