Description:

Job Title: Senior Information Security Analyst

About Carbon

We are a digital Tier 1 Unit microfinance bank. Our mission is to provide accessible and affordable financial services to individuals and businesses across Nigeria. We leverage technology to meet the evolving needs of individual customers and SMEs, driving financial inclusion and economic growth. We offer a wide range of banking services, including savings, loans, and payment solutions, all designed to simplify banking for modern Nigerian customers.

At Carbon, we are:

Passionate: We love what we do and have an ownership mentality.

Resourceful: We make do with what we have. Not wasteful

Intelligent: We are forever learning to better ourselves, constantly experiencing & testing to understand the problem space better

Maverick: We try the unconventional, question widely held assumptions.

Executor: We get shit done. No excuses

Data-Driven: Rigorous in using data for decisions, experiments to test assumptions and hypothesis 

About the role

The information security analyst will implement security measures to protect Carbon’s computer networks, endpoints, and systems.

The individual will be responsible for the security and regulatory compliance audits, assisting with invulnerability, and administering security infrastructure tools.

Responsibilities

• Run a daily review of PCI DSS environment network traffic
• Run a daily call over of audit and systems logs of the PCI DSS environment
• Monitor security logs of critical public-facing services
• Review Endpoint Security logs and threat alerts
• Gather relevant Security Metrics for the Information Security Report
• Manage Security incident tickets.
• Monitor and follow up on DLP, IPS, and Antivirus exceptions & alerts
• Work with network engineers to analyze firewall activities.
• Ensure compliance with local IT regulatory standards

Requirements

We are looking for candidates who can meet the following criteria. We want to emphasize that we don’t expect you to meet all of the below but would love you to have experience in some areas and a willingness to learn and expand your knowledge in other areas.

• Experience in monitoring, analyzing, and resolving security alerts generated from various sources (networks, servers, endpoints, and other event logs).
• Ability to conduct and manage vulnerability scans using external and internal tools.
• Experience in reviewing and monitoring network security to respond in a timely fashion to security alerts, while performing initial triage and providing the necessary information to other team members when necessary to solve the alert.
• Experience in running penetration tests on Technology Infrastructures,
• Experience in running periodic security audits on current IT infrastructure and application software.
• Ability to define and maintain an Information Security Incident Response Plan, including documenting security breaches.
• Ability to manage and administer security infrastructure tools such as IDS/IPS, email gateway, web filtering, and endpoint protection consoles.
• Experience in reviewing all system implementation designs and plans to ensure sufficient security and recovery provisions have been included, updating the corporate DRP as appropriate, and ensuring appropriate provisions are made in the BCP.
• Experience in researching the latest information technology (IT) security trends, best practices, threats, and potential vulnerabilities.
• Ability to develop security standards and best practices and recommend security enhancements to management or senior IT staff.
• Minimum of 5 years  as an Information Security Analyst relation job functions.
• Working knowledge of Windows and Linux Server, Bash, SQL, and Wireshark
• Expert knowledge of relevant security and privacy legislation.
• Good understanding of software development lifecycle.
• Familiarity with Cloud Platforms like AWS or GCP
• Experience with IT security and compliance standards both local and international like NITDA, CBN, ISO, PCI-DSS, etc

Recruitment process

• Call with People team
• Case Study ( Assessment)
• Interview

Benefits

• A great and upbeat work environment populated by a multinational team.
• Health Insurance
• Life Insurance
• Career Development & Growth