80419005 - Engineer, Cyber Security

Nairobi, Kenya

Standard Bank Group

The Standard Bank group is a leading financial services provider that supports Africa’s growth and development.

View company page

Company Description

Standard Bank Group is a leading Africa-focused financial services group, and an innovative player on the global stage, that offers a variety of career-enhancing opportunities – plus the chance to work alongside some of the sector’s most talented, motivated professionals. Our clients range from individuals, to businesses of all sizes, high net worth families and large multinational corporates and institutions. We’re passionate about creating growth in Africa. Bringing true, meaningful value to our clients and the communities we serve and creating a real sense of purpose for you.

Job Description

Job Purpose 

To provide expert professional knowledge and technical skills within a specialist area. To execute the bank's information security initiatives, enabling management to make the appropriate decisions and monitoring the protection of sensitive data and systems.

Key Deliverables 

  • Act as a trusted adviser for information security across the Group and stakeholders.
  • Adhere to and implement the relevant technology standards developed by the wider IT Function.
  • Adhere to Group minimum standards for vendor selection and participate in the selection of the most appropriate vendor with required expertise.
  • Build and develop relationships across the different internal IT teams and with various stakeholders so that the business unit remains involved and aware of internal developments.
  • Consider various attack scenarios and identify appropriate controls, by working with architects and software engineers to specify how information security technologies should be implemented.
  • Continually review system operations, updating and amending processes and products to mitigate risks as identified and discovered to minimise future incidents.
  • Contribute inputs to the setting of reliable and realistic targets and budgets.
  • Contribute to detection and response maturity by recommending security operation centre control improvements.
  • Contribute to the process of digitising and/ or automating of standard operating procedures indicated to contain security risks and optimise efficiencies.
  • Contribute to the review of detection rules, assessing false positives and improve efficacy of detection rules and minimise future false positives.
  • Create and implement standard/ default detection rules as requested by business areas, requesting support as required.
  • Design, scope, execute and document threat hunts to determine if malicious activity exists within the environment, notify the incident response team as appropriate.
  • Implement and operate pro-active monitoring and maintenance support activities to ensure confidentiality, integrity and availability of services and underlying platforms to minimise information security incidents in accordance with the bank's risk appetite.
  • Minimise the spend on Information Security where possible, exercising financial prudence.
  • Participate in and contribute to the automation and/ or integration of repeatable tasks, by building technical control capabilities and maturing their operational effectiveness.
  • Participate in post incident analysis, identify control weaknesses and include remediations in planning and scoping activities, requesting support from more senior team members when required.
  • Prototype and pilot proposed information security solutions or capabilities to identify viability of new developments.
  • Provide ad-hoc advice, assistance, coaching and/ or mentoring to team mates so that their developmental needs are identified and met.
  • Provide input into operational plans and the practical application thereof, and ensure that operational plans are clearly articulated and are understood.
  • Provide insight into the design, management and implementation of relevant policies, processes and systems in order to facilitate the management of risks.
  • Represent the business area in various projects and working groups to positively influence the project outcomes, considering information security goals and requirements.
  • Review both commercial and open source tools to enhance Standard Banks security testing labs.


Minimum Qualifications
Type of Qualification: First Degree
Field of Study: Information Technology

Experience Required
Software Engineering
1-2 years
Proven experience in risk management

3-4 years
Proven experience in software and integration development, databases, operating systems, and network security controls , as well as technical and business management.

Additional Information

Behavioral Competencies:

  • Adopting Practical Approaches
  • Articulating Information
  • Developing Strategies
  • Embracing Change
  • Exploring Possibilities
  • Generating Ideas
  • Interpreting Data
  • Making Decisions
  • Meeting Timescales
  • Producing Output
  • Providing Insights
  • Team Working

Technical Competencies:

  • Data Analysis
  • Debugging and Fixing Software
  • Design Patterns
  • Software Development Life Cycle (SDLC) methodologies & Tools
  • Systems Patterns Integration
  • Technical Analysis
  • Use of Build and Test Automation
  • Write Code
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Automation Incident response Monitoring Network security Open Source Risk management SDLC

Perks/benefits: Career development Startup environment Team events

Region: Africa
Country: Kenya
Job stats:  13  4  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.