Senior IT Security Engineer

Business Unit IT Security Unit
Key Accountabilities
  • Responsible to provide an in-depth understanding of information security, data privacy, and standards for logical and physical security implementations.
  • Responsible to participate in IT projects, manage internal IT control frameworks and support the local implementation of ISO 27001, ISO 22301 and PCI DSS Controls.
  • Responsible to maintain and update BK Group's security policies and procedures, the risk management process, and other information security activities that are part of maintaining compliance with the relevant regulatory authorities.
  • Maintain compliance documents such as the controls, evidences collected and the audit reports in an organized fashion.
  • Perform vendor risk assessment annually for existing vendors, identify gaps if any and work with the stakeholders and the vendor on next steps. Perform risk assessments for new vendors during evaluation/onboarding.
  • Assist with roll out/tracking of security awareness training within the company.
Experience
  • 5+ years of work experience in IT Security filed with focus on ISO 27001/22301 or PCI-DSS standards
  • Good communication skills with the ability to work with a disparate set of stakeholders inside BK Group; and outside BK Group: auditors, customers, vendors, partners, etc
  • Good understanding of Information Security principles, the relating of compliance controls to those principles and articulating the relevance of controls to stakeholders.
  • Ability to maintain a flexible work schedule to enable interactions across multiple time zones with remote teams is a plus
Qualifications
  • BS in Computer Science or related field
Knowledge
  • Strong knowledge on implementation of ISO 27001, ISO 22301 or PCI-DSS
  • Excellent communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate findings succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client’s needs).
  • Strong technical capability with understanding of Security Architecture, Networks, Servers, Workstations, Applications and Virtualisation and Cloud Technologies.
Expression of Interest Submit your CV to recruitment@bk.rw by 27th February 2019