Senior, Information Security Analyst
Lagos, Lagos, Nigeria
Carbon
Carbon is a financial services provider of Instant loans, Buy Now Pay Later & Savings. For a reliable loan app in Nigeria, get Carbon https://www.getcarbon.co/About
Carbon is a pan-African digital bank with a mission to provide friction-free finance to its customers. Carbon promises to play a fundamental role in its customers’ lives wherever they are, with flexible solutions. We pride ourselves on our efficiency and with just $10mm of equity raised in 2015, we have disbursed over $100m in loans and earned more than $30mm in revenue over the last 2 years. Carbon has operations in Ghana, Kenya, and Nigeria, supported by a talented team spread between Lagos, Nairobi, London, Argentina, and Palo Alto so we operate with a remote-first mindset.
At Carbon, we are:
Passionate: We love what we do and have an ownership mentality.
Resourceful: We make do with what we have. Not wasteful
Intelligent: We are forever learning to better ourselves, constantly experiencing & testing to understand the problem space better
Maverick: We try the unconventional, question widely held assumptions.
Executors: We get shit done. No excuses
Data-Driven: Rigorous in using data for decisions, experiments to test assumptions and hypothesis
Role
The information security analyst will implement security measures to protect Carbon’s computer networks, endpoints, and systems.
The individual will be responsible for the security and regulatory compliance audits, assisting with invulnerability, and administering security infrastructure tools.
Responsibilities
- Run a daily review of PCI DSS environment network traffic
- Run a daily call over of audit and systems logs of the PCI DSS environment
- Monitor security logs of critical public-facing services
- Review Endpoint Security logs and threat alerts
- Gather relevant Security Metrics for Information Security Report
- Manage Security incident tickets.
- Monitor and follow up on DLP, IPS, and Antivirus exceptions & alerts
- Work with network engineers to analyze firewall activities.
- Ensure compliance with local IT regulatory standards
Requirements
We are looking for candidates who can meet the following criteria. We want to emphasize that we don’t expect you to meet all of the below but would love you to have experience in some areas and a willingness to learn and expand your knowledge in other areas.
- Experience in monitoring, analyzing, and resolving security alerts generated from various sources (networks, servers, endpoints, and other event logs).
- Ability to conduct and manage vulnerability scans using external and internal tools.
- Experience in reviewing and monitoring network security to respond in a timely fashion to security alerts, while performing initial triage and providing the necessary information to other team members when necessary to solve the alert.
- Experience in running penetration tests on Technology Infrastructures,
- Experience in running periodic security audits on current IT infrastructure and application software.
- Ability to define and maintain an Information Security Incident Response Plan, including documenting security breaches.
- Ability to manage and administer security infrastructure tools such as IDS/IPS, email gateway, web filtering, and endpoint protection consoles.
- Experience in reviewing all system implementation designs and plans to ensure sufficient security and recovery provisions have been included, updating the corporate DRP as appropriate, and ensuring appropriate provisions are made in the BCP.
- Experience in researching the latest information technology (IT) security trends, best practices, threats, and potential vulnerabilities.
- Ability to develop security standards and best practices and recommend security enhancements to management or senior IT staff.
- Minimum of 5 years in as an Information Security Analyst relation job functions.
- Working knowledge of Windows and Linux Server, Bash, SQL, and Wireshark
- Expert knowledge of relevant security and privacy legislation.
- Good understanding of software development lifecycle.
- Familiarity with Cloud Platforms like AWS or GCP
- Experience with IT security and compliance standards both local and international like NITDA, CBN, ISO, PCI-DSS, etc
Recruitment process
- Interview with the People team
- Case Study ( Assessment)
- Interview
Benefits
- A great and upbeat work environment populated by a multinational team.
- Potential to work in different geographies.
- Health Insurance.
- Life Insurance
- Career development & Growth.
- Offer a remote working option.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Antivirus Audits AWS Bash Cloud Compliance Endpoint security Finance Firewalls GCP IDS Incident response IPS IT infrastructure Linux Monitoring Network security PCI DSS Privacy SDLC SQL Vulnerabilities Vulnerability scans Windows
Perks/benefits: Career development Flex hours Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Architect jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information System Security Officer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open DevSecOps-related jobs