Information Systems Security Compliance Engineer - Nairobi, Kenya - Canonical

    Canonical Nairobi, Kenya

    Full time
    Description

    JOB SUMMARY

    The team's role is to ensure that Canonical conducts its business processes in compliance with laws and regulations, defined internal policies and procedures, and international standards/best practices. This position is for an individual with the knowledge, drive and personal motivation to help build and grow a strong security & compliance governance framework in a fast-growing tech company, as well as help it achieve/maintain the necessary compliance certifications.

    This role can be home or office based. Periodic international travel for training and business meetings is required.

    Required skills and experience:

    2+ years of experience within a security and compliance function
    Experience developing and maintaining policies, procedures, standards, and guidelines to align with the company's strategy and best practices
    Experience with security controls implementation, configuration and maintenance
    Experience with vulnerability management tooling, remediation, and processes
    Experience with coding/scripting in one or more languages (Python, C, C++, Java)
    Experience with Linux operating systems (Ubuntu preferred)
    Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
    A wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA
    Experience with third party and external audits

    Valuable experience:

    Bachelor's degree (or equivalent) in Computer Science, Information Systems, or related field
    Affinity with Open Source software with regards to compliance
    Knowledge of designing and implementing security processes and solutions with topics ranging from architecture, governance, compliance, and operations
    Technical or engineering background, including software development, scripting, networking, and cloud architecture

    RESPONSIBILITIES

    Collaborate with IT operations, Legal, Security, and Engineering teams to define and implement policies and procedures
    Help to design and implement controls to strengthen the company's Security Posture
    Collaborate with various teams to ensure security standards are met across all projects
    Assess vulnerabilities/risks that could affect the integrity, availability, or confidentiality of data, systems, or services of the company and provide mitigation solutions
    Conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards, best practices, regulations and client requirements to identify gaps and provide remediation solutions
    Ensure controls are configured correctly and integrated into the security strategy
    Collaborate with internal teams to respond to Security Questionnaires, Contract Compliance and Security & Compliance posture questions from customers
    Provide guidance and support to internal stakeholders regarding security & compliance practices
    Collaborate with internal teams to gather evidence for external audits
    Participate in the creation and/or maintenance of the Information Security Management System
    Maintain up-to-date knowledge of security standards, best practices and trends to ensure ongoing compliance

    REQUIRED SKILLS

    Information security, System and network security, System administration

    REQUIRED EDUCATION

    Bachelor's degree