Header

FINCA Regional Business Security Analyst - Africa

Microfinance IT/MIS Positions in Africa

Opportunity Type: Job

FINCA International

About the Organization:

FINCA International, one of the world's leading MFIs, provides financial services to more than 950,000 clients through 21 wholly-owned and operated subsidiaries in Africa, Eurasia, Latin America, and the Greater Middle East.

About the Job:

Finca International is looking for candidates to fill the following Microfinance IT/MIS positions in Africa:

Regional Business Security Analyst - Africa

Location: Multiple Locations

Job Code: 956

# of openings: 1

Description

FINCA International, one of the world's leading microfinance institutions, provides financial services to more than 950,000 clients through 21 wholly-owned and operated subsidiaries in Africa, Eurasia, Latin America and the Greater Middle East.

Finca International is looking for a Regional Business Security Analyst (RBSA) - Africa who will be based in Dar es Salaam, Kampala, or other African city with international airport and will travel up to 75% of time. RBSA reports to Director of Information Protection with a dotted-line report to the Regional Director of IT. RBSA will be responsible for ensuring that effective security risk management practices are incorporated into IT and business practices within their FINCA region. Assessments and related activities will be the initial focus of the position, but it will grow into a consultative, advisory and governance role. Future duties will include working closely with regional IT staff to design and test effective security controls, as well as ongoing independent risk assessments of business systems.

Major activities:

• Monitor and evaluate (55%)
• Document security and compliance of applications and supporting infrastructure
• Work with security and network staff to resolve identified security issues
• Work with network and IT staff to implement and maintain security monitoring controls
• Audit for internal compliance with FINCA IT and security policies
• Develop recommendations for improvements
• Monitor appropriate sources for newly identified vulnerabilities
• Assess existing systems against those vulnerabilities
• Report on risks, risk mitigations, and residual business risks
• Assess and document security posture of 3rd-party vendors and their services against FINCA standards
• Utilize appropriate tools to evaluate business environment against security policy and business risk posture
• Network vulnerability scanning
• Device configuration management
• Application testing
• Network monitoring
• Log review
• Threat modeling
• Source code review
• Other techniques as appropriate
• Evaluate application development and implementation activities for security risks
• Monitor appropriate industry sources to maintain awareness of new security tools and techniques

Plan and organize (20%)

• Communicate and collaborate with internal clients to establish security direction, and provide influence and leadership on current and future technical security directions
• Manage all phases of project planning in security service support, including functional requirements, design specifications, testing and quality assurance, implementation and support
• Provide input to the annual Information Protection budget cycle

Acquire and implement (15%)

• Ensuring that security requirements are identified early on and are being incorporated into all projects/applications
• Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructure
• Develop and maintain documentation of relevant IT systems and security controls
• Assess and capture security requirements within context of enterprise application architecture
• Ensure that application development and deployment meet FINCA security standards
• Provides security input to design and application architectural reviews

Deliver and support (10%)

• IT security technical consulting services
• Research security issues and provide evaluations and recommendations to management
• Provide security awareness training to staff
• Participate as a member of the Regional Information Systems and Incidents Emergency Response Team

Ideal profile:

• Knowledge and Education
• Bachelor's Degree in a technical discipline or equivalent work experience
• Certifications are not required, but will be considered in the evaluation process. Applicable certifications include: SANS, Cisco, CISSP
• Knowledge of security and control frameworks (such as ISO 27001, CobiT)

Professional Experience

• Minimum 4-6 years of experience performing IT security assessments
• Experience with common assessment tools (examples nessus, Foundstone, Qualys, nCircle)
• Experience communicating assessment results to audiences with diverse technical proficiency
• Experience constructively articulating business impact of vulnerabilities to various stakeholders
• Experience with multiple platforms (i.e. Windows, Unix/Linux, etc.)
• Demonstrated capability to drive holistic improvements in practices and processes desired
• Experience implementing and managing security technologies, including access control, auditing, log management, IDS/IPS, firewalls, antivirus & malware desired.
• Experience securing mobile technologies preferred
• Understanding of application security principles desired.
• Experience conducting application security reviews preferred.
• Experience with scripting languages desired.

Job Skills

• Fluency in written and spoken English
• Excellent communication and presentation skills.
• Ability to present information and ideas clearly and concisely
• Effective at reviewing prioritizing and communicating identified risks
• Experience working within a distributed team-oriented environment
• High degree of initiative, dependability and ability to work with little supervision
• Proven ability to balance, prioritize and organize multiple tasks
• Accuracy, attention to detail and awareness of deadlines
• Strong commitment with the social mission of FINCA
• High level of personal integrity, and the ability to professionally handle confidential matters with appropriate judgment and maturity
• Ability to influence without authority
• High level of energy and enthusiasm
• Creative and flexible

The position is based in Uganda or Tanzania.

PLEASE SUBMIT RESUME AND COVER LETTER IN ENGLISH

FINCA International Inc. is an Equal Opportunity Employer.

To Apply:
http://tbe.taleo.net/NA6/ats/careers/requisition.jsp?org=FINCA&cws=1&rid=956