• Application Deadline: Mon, 23 May 2022 00:00:00 GMT
• Position: Specialist, IT Infrastructure Assessment & Review


• Job Type Full Time


• Qualification BA/BSc/HND


• Experience 5 - 6 years


• Location Lagos


• Job Field ICT / Computer 
  

The Opportunity

• IHS Towers is expanding our global footprint and we are seeking an individual to join our team in Nigeria as Specialist, IT Infrastructure Assessment & Review.


• The Specialist, IT Infrastructure Assessment & Review will support and contribute towards continuous improvement of the company’s cyber-security posture by applying technical know-how and skills to address ongoing enterprise-wide infrastructure security-related issues.

Key Responsibilities

• Safeguard IHS by detecting, preventing and mitigating information security (IS) threats to the company’s infrastructure.


• Provide quarterly network vulnerability assessment of the company’s IT infrastructure by integrating the following tasks:
  
  
  
  • Gather intelligence
  
  
  • Document active and stealth nodes
  
  
  • Enumerate all trust relationships
  
  
  • Identify exposure using commercial tools
  
  
  • Scan network vulnerability
  
  
  • Analyze, categorize and validate vulnerabilities
  
  
  • Catalogue exposure
  
  
  • Examine external visible points of presence
  
  
  • o Query DNS records and enumerate external nodes
  
  
  • Perform TCP/UDP scan of nodes
  
  
  • Conduct manual testing and repeat identification
  
  
  
  


• Support management in realizing cybersecurity ROI


• Collaborate with Group Cyber-security team to drive cybersecurity initiatives.


• Design and implement security controls to safeguard and monitor events for information systems, enterprise network, routers and switches


• Support the implementation of IS projects.


• Assess vulnerabilities related to the company’s network by following general accepted methodology for network assessments.


• Carry out port scans to identify insecure port configurations.


• Continuously monitor the company’s external visible points of presence.


• Provide second-line support for IT security-related issues.


• Collect evidence and documentation of all network-related exposures.


• Deploy Sophos endpoint for 2000 endpoints and 200 servers and for monitoring/ response to detected malware attacks.


• Monitor the company’s Operations Management Suite (OMS) platform for endpoints and severs. Identify and responding to security threats on the platform.


• Monitor firewall logs.


• Conduct network device review covering the following
  
  
  
  • Router security reviews:
  
  
  • Clear Text Rlogin Protocol Service
  
  
  • Simple Network Management Protocol (SNMP)
  
  
  • Clear text (Tenet) review
  
  
  • Console Connection Timeout
  
  
  • Outbound Administrative Access Review
  
  
  • Packet Assembler/ Disassembler
  
  
  
  


• Review IDS policies based on the company’s requirements and best practices.


• Carry out threat monitoring by reviewing firewall and IPS alerts. Follow up with appropriate action.


• Investigate and block phishing email.


• Perform other tasks and duties as assigned by the Senior Manager, IT Security Operations.

Key Qualifications & Experience

• Bachelor's Degree in Computer Science, Engineering, or other related disciplines.


• +5-6 years’ relevant experience in information security and network vulnerability management.


• Professional certifications will be an asset, e.g. ISO27005: Information Security Risk, CEH, EC-Council Certified Security Analyst (ECSA)


• Strong background in security infrastructure and various network technologies, e.g. firewalls, VPN, intrusion/ extrusion detection, vulnerability and risk assessment tools, encryption technologies, data loss prevention, whole disk and device encryption solutions, two-factor authentication, common windows (desktop and server) platforms.


• Demonstrable experience with network and infrastructure vulnerability scanners such as Nessus, NEXPOSE, Nipper, etc.


• Demonstrable knowledge of security best practices such as defence in-depth, least privileges, need-to-know, separation of duties, access controls, and encryption.


• Hands on experience with security systems, e.g. firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.


• Proven experience in network security, networking technologies and network monitoring tools.


• Must possess thorough understanding of the latest security principles, techniques, and protocols.

Behavioural Competencies:

• Analytical Thinking


• Problem Solving


• Collaboration & Teamwork

Functional competencies:

• Penetration Testing


• Vulnerability Lifecycle Management


• Security Incident Response


• Systems Auditing


• Database Security


• Firewall Design


• Intrusion Detection


• System Administration Implementation


• Telecommunications, Network, Wireless & Internet Security

Organizational Competencies:

• Customer Focus - People demonstrating this competency understand & exceed our customers’ needs. They develop trusted, reliable & collaborative relationships. They are consistently operating to the highest standards of service & delivery.


• Innovation - People demonstrating this competency constantly seek new & improved ways to deliver our products & services. They champion engineering & skills development, and work to create a collaborative and supportive operating environment.


• Integrity - People demonstrating this competency are open & honest in everything they do. They support financially & environmentally sustainable growth. They make socially responsible decisions and treat their stakeholders with respect.


• Be Bold - People demonstrating this competency are thorough in analyses & decision-making. They are courageous in expanding existing markets & developing new ones. They confidently pursue appropriate financial returns and are forward-thinking and ambitious.