The Kenya Revenue Authority (KRA) was established by an Act of Parliament, Chapter 469 of the laws of Kenya , which became effective on 1st July 1995 . The Authority is charged with the responsibility of collecting revenue on behalf of the Government of Kenya. A Board of Directors, consisting of both public and private sector experts, makes policy decisions to be implemented by KRA Management. The Chairman of the Board is appointed by the President of the Republic of Kenya . The Chief Executive of the Authority is the Commissioner General who is appointed by the Minister for Finance. PURPOSE OF KRA Assessment , Collection, Administration and Enforcement of laws relating to revenue.
The job holder is responsible for carrying out cyber security monitoring of the Authority’s IT infrastructure and business systems for malicious activity and/or active threats. The role also involves responding to security incidents including containment, eradication and recovery in the 24/7 Security Operations Centre (SOC).
- Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate potential (or active) threats, intrusions, and/or compromises in the 24/7 SOC.
- Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and distinguish these incidents and events from benign activities.
- Identify cyber-attacks targeted to the KRA network and systems, advise and block cyber attacks
- Triage and investigate active threats, security breaches and other cyber security incidents.
- Perform deep-dive incident analysis by correlating data from various sources. Generate/Review event analysis reports of incident investigations
- Escalates cyber security events according to the Authority’s Cyber Security Incident Response Plan
- Monitor and gather threat intelligence from the deep web and dark web for potential threats and incidents, and analyze such threats and risks and recommend appropriate mitigating measures.
- Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.
Bachelor’s degree in Computer Science or IT related field.
Must have at least one of the following certifications or training in CEH/CHFI/ECIH/CISSP or in relevant information security solutions certification, or incidents response
Relevant Work Experience
At least one (1) year related IT security work experience in a large or busy organization.
Technical Skills Required
- Experience in cyber security threat Analysis
- Experience in incident management
- Experience in digital forensics and malware analysis
- Experience in security tests or vulnerability management
- Penetration testing skills
- Research skills
- Experience in cyber security operations(SOC/CIRT)
- Ability to work long hours including night shifts
- Analytical mind with problem-solving aptitude
- Excellent listening, communication and presentation skills
- Reliable and thorough with a deep commitment to accuracy
- Self-motivated and able to work independently
- A team player
- Ability to prioritize competing work commitments and deliver on time
How to Apply
Closing Date : 20 October. 2021
- Salary Offer 0 ~ Ksh10000000 KES 0-ksh10000000 Month
- Address Nairobi, Nairobi, Kenya