Cytonn Investments
Application Security Engineer Intern
Nairobi
• Kenya
Cytonn Investments
Product Development & Service Design Internship
Nairobi
• Kenya
Cytonn Investments
Legal Internship
Nairobi
• Kenya
Cytonn Investments
Business Systems Analysis Internship
Nairobi
• Kenya
Cytonn Investments
Client Services Assistant Internship
Nairobi
• Kenya
Caritas Microfinance Bank
Digital Financial Services Officer
Nairobi
• Kenya
Mogo Kenya Limited
GPS Re-installation Coordinator
Nairobi
• Kenya
Mogo Kenya Limited
Legal Administrative Assistant
Nairobi
• Kenya
Oasis Outsourcing
Sales Development Representative (SDR)
Nairobi
• Kenya
Get personalised job alerts directly to your inbox!
Equity Bank Kenya
NOC Shift Engineer
Nairobi
• Kenya
Closed for applications
Profession (Banking, microfinance, insurance, Entry and Basic-level)
Industry (Entry and Basic-level)
Aeronautics,Agriculture, fishing, forestry,Automotive,Banking, microfinance, insurance,Computers, software development and services,Construction, renovation, maintenance,Consulting, business support, auditing,Data/Research,Education, academic,Electronics,Energy, utilities, environment,Engineering, architecture,Financial Services,Fitness, well-being and lifestyle,Governmental,Health care, medical,Housekeeping, maintenance,Human resources, talent development, recruiting,Legal, accounting,Manufacturing,Marketing, advertising,Non-profit, social work,Outsourcing, leasing,Real estate,Restaurant, hospitality, travel,Retail, wholesale, FMCG,Telecommunications,Textile, fashion,Transportation, logistics, storage,
Seniority (Banking, microfinance, insurance)
© Fuzu Ltd
Cytonn Investments
Banking + 2 more
Description
Requirements
- Bachelor's degree in Computer Science, Information Systems or specialized training/certification
- Experience in application security, preferably a software security role
- Expertise with browser security controls (CSP, XFO, HSTS), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH)
- Experience building tools and processes to reliably identify security issues such as SQL injection, XSS, CSRF, and business logic flaws across large code bases
- Must be familiar with Cyber Security Tools, network topologies, intrusion detection, PKI, and secured networks
- A grade of B+ and above in KCSE (or equivalent) with good grades in math and languages
- Knowledge and/or experience with threat analysis and penetration testing methodologies and tooling
- Knowledge of at least one programming language, web application technologies and frameworks is an added advantage
- Knowledge of security issues affecting Internet-facing applications
- Knowledge of cloud infrastructure and UNIX/Linux environments
Responsibilities
- Perform static code analysis (SCA) on applications to identify vulnerabilities and report to software engineers for fixing
- Set up and monitor applications for intrusion detection and protect applications against common vulnerabilities
- Secure application infrastructure (servers and databases) against intrusion, ensuring they’re regularly patched against known vulnerabilities
- Manage vulnerability reporting in all applications and systems, including open source software that the applications run on
- Perform analysis of all security systems log files, review and keep track of triggered events, research current and future cyber threats, reconcile correlated cyber security events, develop and modify new and current cyber security correlation rule sets, and operate security equipment and technology
- Perform software testing (patches, other updates)
- Tracking and reporting vulnerabilities in server software by using tools such as CVE
- Preparation of Weekly reporting of common vulnerabilities that affect our environment, as reported on various platforms (CVE etc.) and their mitigations
- Ensuring that the Web infrastructure is monitored and actively protecting applications from common vectors
- Monitoring servers for intrusion and performance
- Ensuring all server software is updated and security patches applied regularly
- Manage vulnerability reporting in all applications and systems, including open source software that the applications run on
- Weekly tracking of all issues raised from penetration testing, vulnerability assessment and static/dynamic scans
- Any other duties as may be assigned from time to time
Start hiring with Fuzu
Recruit better talent faster - on your own or with our support.
Explore recruitment platformJob search tips from Fuzu
Selected articles on cover letters, CV structure, and interview preparation.