IT Security Engineer at Dangote

Description

• The primary mission of this role is ensuring a secured Dangote IT environment by developing and maintaining the Group’s security architecture ensuring that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets.
• This role would define, implement, assess, and maintain controls necessary to protect information and vital assets in accordance with security requirements.

Responsibilities

• Identity and Access Management – This function responsible for managing and monitoring Privileged identities and access within the Group.
• Vulnerability Assessment and Penetration Testing – Perform vulnerability assessments and penetration testing to identify potential security weaknesses in our infrastructure and applications within the environment.
• Application and Database security - Define, implement, assess, and maintain controls necessary to protect software and applications in accordance with security requirements. This function also includes management and monitoring of database activities.
• Deploying and Managing Security Tools – Design and implement security solutions that are scalable, reliable, and easy to use. Configure and maintain security tools, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
• IT Security Governance – Develop and implement security policies and procedures to ensure compliance with industry standards and regulations. Supporting Group wide IT Security audit exercises , reviewing policies and advising on IT risk findings.
• Security Automation – Using systems in place such as Microsoft sentinel to create automations and playbooks to aid security incident response. This would also include using open-source tools to automate repetitive tasks where necessary.

Education

• B.Sc./HND Computer Science or related course(s).
• 5 - 8 years working experience in same or related position.
• Certification such as MS-500, AZ-500 GSEC, CompTIA, (ISC)2 or any other relevant security related certificates.

Competencies, Skills and Knowledge Attitude

• Strong technical skills in Infrastructure, Application, Network, cloud security, Identity & access management, and security automation.
• Must have deep understanding and familiarity with:
  • Security frameworks and standards, such as NIST, NDPR, ISO27001, etc.
  • PIM/PAM software such as CyberArk
  • SIEM software such as Microsoft Sentinel.
• Vulnerability Management and Penetration testing
• Excellent communication skills both written and oral
• Excellent problem-solving skills.

Requirements

• Bachelor's degree in Computer Science, Information Technology, or a similar technical field
• Minimum of five years of experience in IT security in a construction-facing industry
• Relevant certifications such as CISSP, CISM, GIAC, or any relevant security certification
• Proven track record in developing and implementing security solutions, protocols, and risk management practices
• In-depth knowledge of security frameworks such as NIST, ISO 27001/2, HIPAA, and PCI DSS
• Knowledge of network and security technologies such as firewalls, IDS/IPS, VPN, anti-virus, and encryption
• Excellent communication and interpersonal skills, and the ability to work in a fast-paced environment.