Security Operations Manager 168 views0 applications

Fixed Term Kenya Information Technology - Media/Communication Print


The International Rescue Committee (IRC) responds to the world’s worst humanitarian crises, helping to restore health, safety, education, economic wellbeing, and power to people devastated by conflict and disaster. Founded in 1933 at the call of Albert Einstein, the IRC is one of the world’s largest international humanitarian non-governmental organizations (INGO), at work in more than 50 countries and more than 25 U.S. cities helping people to survive, reclaim control of their future and strengthen their communities. A force for humanity, IRC employees deliver lasting impact by restoring safety, dignity and hope to millions. If you’re a solutions-driven, passionate change-maker, come join us in positively impacting the lives of millions of people world-wide for a better future.

The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 150 professionals primarily in the US & Nairobi and over 40 counties supporting 20, 000 staff globally.

Job Overview/Summary:

We are seeking a highly skilled Information Security Manager to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.

Major Responsibilities:

• Continuously monitor the SIEM to identify and analyze potential security incidents and threats.

• Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.

• Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.

• Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.

• Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.

• Leverage Microsoft Sentinel for advanced threat detection and response, utilize ServiceNow for efficient ticket management, and employ ZeroFox for social media threat monitoring and protection.

• Lead a team of highly capable Security engineering staff who maintain security for system environments.­­

• Ability to mentor and have the capability influencing the group.

• Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.

• Manage vulnerability remediation and incident handling across global resources

• Implement new security technologies as required to support a dynamic/challenging business environment

• Identify operational opportunities to implement security orchestration and automation capabilities

• Support InfoSec-managed tools and enforcement of global security controls

• Effectively provide general information security guidance & technology support to the business

• Manage on call schedule and incident escalations

• Maintain the day to day operations of configuration management platforms including application deployment and settings distribution

• Work as the escalation point between various teams for Security related activities.

• Drive client and system security model and best practices

• Drive business decisions through data using tools like Splunk

• Integrate with other internal systems and tools

• Manage transition plans for major upgrades or patches

• Diagnose and investigate unique and complex systemic problems

• Work proficiently with minimal daily guidance and bring mature seasoned skills when working

• Evaluate and communicate security risk to a wide and varying audience

Key Working Relationships:

Position Reports to: Director, Security Operations and Enigeering Team

Position directly supervises: One or more analysts

Indirect Reporting: CISO, Senior Director Technology, Operations & Information Security

Other Internal and/or external contacts:

**Internal:**IT leadership and staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.

**External:**Participates in sector discussions of IT security-related issues.

Job Requirements:

**Education:**Bachelor’s degree in an information systems-related field required.

**Work Experience:**3-6 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems

Demonstrated Skills and Competencies:

• Significant knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large global enterprise

• Ability to manage stressful situations, handle incidents, have a close working knowledge of security issues and appropriate countermeasures, and contributing to a 24x7x365 support environments.

• Ability to maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions

• Validated working experience with enterprise class cloud technologies based on the M365 E5 stack as well as firewalls, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.) encryption, MS Defender (all platforms) Azure Entra, ServiceNow, etc.

• Proven capacity to be a self-starter and work remotely with limited reliance on supervision

• Good interpersonal skills required to help identify key relationships and to maintain them.

• Strong oral and written communications skills

• Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model

• Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner

• Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise

• Be a team player and enjoy collaborating on cross-functional teams

• Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards

• Leadership skills and the ability to mentor or provide guidance to teams

Language Skills: English required; French and Arabic a plus

Certificates or Licenses:

CISSP, CCSP, or other relevant industry security-focused certifications preferred

**Working Environment:**Hybrid, including remote and standard office work environment.
**Travel:**up to 5%; two trips annually to NYHQ.

**Standard of Professional Conduct:**The IRC and the IRC workers must adhere to the values and principles outlined in the IRC Way – our Code of Conduct. These are Integrity, Service, Accountability, and Equality.

Commitment to Gender, Equality, Diversity, and Inclusion: The IRC is committed to creating a diverse, inclusive, respectful, and safe work environment where all persons are treated fairly, with dignity and respect. The IRC expressly prohibits and will not tolerate discrimination, harassment, retaliation, or bullying of the IRC persons in any work setting. We aim to increase the representation of women, people that are from country and communities we serve, and people who identify as races and ethnicities that are under-represented in global power structures.

More Information

  • Job City Kenya
Apply for this job
International Rescue Committee Kenya
Share this job


International Rescue Committee

The International Rescue Committee (IRC) responds to the world’s worst humanitarian crises and helps people to survive and rebuild their lives. Founded in 1933 at the request of Albert Einstein, the IRC offers lifesaving care and life-changing assistance to refugees forced to flee from war or disaster. At work today in over 40 countries and 22 U.S. cities, we restore safety, dignity and hope to millions who are uprooted and struggling to endure. The IRC leads the way from harm to home.

Since October 2012, the IRC has been responding to humanitarian needs of Nigerians. The IRC initially intervened in response to floods that affected over 7 million people across the country, destroying harvest and damaging homes. The IRC is currently implementing programs in Health, Protection, WASH, Nutrition, Food Security, and Women’s Protection and Empowerment (WPE) in Adamawa and Borno States in North-Eastern Nigeria.

The IRC is dedicated to making women and adolescent girls healthier from the earliest phase of acute crises (a target group most vulnerable during crisis) and implements evidence-based reproductive health interventions in line with the SPHERE-standard Minimum Initial Service Package for Reproductive Health in Crises (MISP). The goal is to ensure that the IRC’s health responses in emergencies include the core package of Reproductive Health (RH) services in its interventions.

The IRC’s Reproductive Health (RH) program is currently implementing (MISP) for RH in 4 health care centers in MMC and Jere LGAs and 1 IDP camp clinic. In addition the program is starting up an emergency mobile programming outside of these areas of Maiduguri in coordination with the WPE team. The focus of this program is to provide quality comprehensive RH and WPE services to conflict-affected women and girls in a timely manner. In addition to the mobile program, the WPE and RH joint mobile teams will be in charge of rapid assessments and rapid response. The mobile teams will be focused in the newly opened LGAs and emergency areas previously inaccessible due to conflict and insecurity. These teams will provide life-saving services to populations outside of Maiduguri, who have not had access to services in approximately 3 years.

Connect with us
More jobs from International Rescue Committee
0 USD Kenya CF 3201 Abc road Fixed Term , 40 hours per week International Rescue Committee

The International Rescue Committee (IRC) responds to the world’s worst humanitarian crises, helping to restore health, safety, education, economic wellbeing, and power to people devastated by conflict and disaster. Founded in 1933 at the call of Albert Einstein, the IRC is one of the world's largest international humanitarian non-governmental organizations (INGO), at work in more than 50 countries and more than 25 U.S. cities helping people to survive, reclaim control of their future and strengthen their communities. A force for humanity, IRC employees deliver lasting impact by restoring safety, dignity and hope to millions. If you're a solutions-driven, passionate change-maker, come join us in positively impacting the lives of millions of people world-wide for a better future.

The IRC has defined a new strategic mission & vision, along with initiatives and key processes to meet strategic objectives. The IT department provides reliable and scalable application development and infrastructure for the IRC’s offices around the world, including technologically complicated locations. IRC’s ITHQ department includes 150 professionals primarily in the US & Nairobi and over 40 counties supporting 20, 000 staff globally.

Job Overview/Summary:

We are seeking a highly skilled Information Security Manager to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.

Major Responsibilities:

• Continuously monitor the SIEM to identify and analyze potential security incidents and threats.

• Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.

• Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.

• Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.

• Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.

• Leverage Microsoft Sentinel for advanced threat detection and response, utilize ServiceNow for efficient ticket management, and employ ZeroFox for social media threat monitoring and protection.

• Lead a team of highly capable Security engineering staff who maintain security for system environments.­­

• Ability to mentor and have the capability influencing the group.

• Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.

• Manage vulnerability remediation and incident handling across global resources

• Implement new security technologies as required to support a dynamic/challenging business environment

• Identify operational opportunities to implement security orchestration and automation capabilities

• Support InfoSec-managed tools and enforcement of global security controls

• Effectively provide general information security guidance & technology support to the business

• Manage on call schedule and incident escalations

• Maintain the day to day operations of configuration management platforms including application deployment and settings distribution

• Work as the escalation point between various teams for Security related activities.

• Drive client and system security model and best practices

• Drive business decisions through data using tools like Splunk

• Integrate with other internal systems and tools

• Manage transition plans for major upgrades or patches

• Diagnose and investigate unique and complex systemic problems

• Work proficiently with minimal daily guidance and bring mature seasoned skills when working

• Evaluate and communicate security risk to a wide and varying audience

Key Working Relationships:

Position Reports to: Director, Security Operations and Enigeering Team

Position directly supervises: One or more analysts

Indirect Reporting: CISO, Senior Director Technology, Operations & Information Security

Other Internal and/or external contacts:

**Internal:**IT leadership and staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.

**External:**Participates in sector discussions of IT security-related issues.

Job Requirements:

**Education:**Bachelor’s degree in an information systems-related field required.

**Work Experience:**3-6 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems

Demonstrated Skills and Competencies:

• Significant knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large global enterprise

• Ability to manage stressful situations, handle incidents, have a close working knowledge of security issues and appropriate countermeasures, and contributing to a 24x7x365 support environments.

• Ability to maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions

• Validated working experience with enterprise class cloud technologies based on the M365 E5 stack as well as firewalls, messaging security (i.e. S/MIME, TLS, DMARC/SPF/DKIM, etc.) encryption, MS Defender (all platforms) Azure Entra, ServiceNow, etc.

• Proven capacity to be a self-starter and work remotely with limited reliance on supervision

• Good interpersonal skills required to help identify key relationships and to maintain them.

• Strong oral and written communications skills

• Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, OSI model

• Proven experience within Incident Response situations and demonstrated ability to handle and maintain confidential information in a professional manner

• Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise

• Be a team player and enjoy collaborating on cross-functional teams

• Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards

• Leadership skills and the ability to mentor or provide guidance to teams

Language Skills: English required; French and Arabic a plus

Certificates or Licenses:

CISSP, CCSP, or other relevant industry security-focused certifications preferred

**Working Environment:**Hybrid, including remote and standard office work environment. **Travel:**up to 5%; two trips annually to NYHQ.

**Standard of Professional Conduct:**The IRC and the IRC workers must adhere to the values and principles outlined in the IRC Way – our Code of Conduct. These are Integrity, Service, Accountability, and Equality.

Commitment to Gender, Equality, Diversity, and Inclusion: The IRC is committed to creating a diverse, inclusive, respectful, and safe work environment where all persons are treated fairly, with dignity and respect. The IRC expressly prohibits and will not tolerate discrimination, harassment, retaliation, or bullying of the IRC persons in any work setting. We aim to increase the representation of women, people that are from country and communities we serve, and people who identify as races and ethnicities that are under-represented in global power structures.

 2025-01-28

NGO Jobs in Africa | NGO Jobs

Ngojobsinafrica.com is Africa’s largest Job site that focuses only on Non-Government Organization job Opportunities across Africa. We publish latest jobs and career information for Africans who intends to build a career in the NGO Sector. We ensure that we provide you with all Non-governmental Jobs in Africa on a consistent basis. We aggregate all NGO Jobs in Africa and ensure authenticity of all jobs available on our site. We are your one stop site for all NGO Jobs in Africa. Stay with us for authenticity & consistency.

Stay up to date

Subscribe for email updates


Give consent that we may collect and use your data.

September 2024
MTWTFSS
« Jan  
 1
2345678
9101112131415
16171819202122
23242526272829
30 
RSS Feed by country:

[email protected]
BBM Channel: C00457142