Senior Information Security Analyst at Kuda Bank

Kuda is a full service, app-based digital bank. Our mission is to be the go-to bank not just for those living on the African continent, but also for the African diaspora wherever they might live, anywhere in the world. Kuda is free of ridiculous banking charges and great at helping customers budget, spend smartly and save more. We raised the largest seed round ever seen in Africa, and completed a Series A funding round in February 2021, led by some of the world's smartest venture capital investors. With offices in London (our HQ), Lagos and Cape Town, and further offices opening across Africa during 2021, Kuda is fast becoming recognised as the leading 'Neobank' for Africans.

To help us grow into the company that can bring meaningful change to the way people across Africa get access to great financial products and services in order to take control of their personal finances, we are actively looking for bright, talented, driven people who are excited by our mission. If this sounds like a great way to spend your valuable time, then please get in touch with us.

We are recruiting to fill the position below:

Job Title: Senior Information Security Analyst

Location: Lagos, Nigeria
Job type: Full-time (Hybrid)

Role Overview

• The Senior Information Security Analyst will be responsible for safeguarding the organization’s information systems, network infrastructure, and data from security threats, vulnerabilities, and incidents.
• This role involves monitoring and analyzing security events, conducting vulnerability assessments, and driving continuous improvements in security posture.
• The Senior Information Security Analyst will work closely with various teams to enhance security operations and contribute to securing the organization’s digital assets.

Key Responsibilities
Security Event Analysis & Incident Response:

• Analyze security events from multiple sources (SIEM, IPS/IDS, firewalls, etc.) to identify the root cause of incidents and determine the appropriate mitigation actions.
• Continuously monitor network and firewall activity to detect anomalous behavior, intrusion attempts, and potential security risks.
• Lead incident response efforts, applying containment and eradication strategies to minimize the impact of security incidents.
• Perform post-incident analysis to understand attack vectors, improve defenses, and provide actionable insights for future prevention.

System & Network Security:

• Evaluate and analyze security configurations of network and system components to ensure they are hardened against known threats and vulnerabilities.
• Perform proactive vulnerability assessments, penetration tests, and risk assessments on internal systems, applications (web, mobile, APIs), and third-party services to identify potential weaknesses.
• Collaborate with cross-functional teams to remediate identified vulnerabilities and ensure system compliance with security standards and policies.

Security Improvement & Innovation:

• Identify opportunities to innovate and enhance the organization’s security posture by researching emerging technologies, security trends, and best practices.
• Recommend new tools, technologies, and processes to improve threat detection, prevention, and response capabilities.
• Drive the adoption of new security measures and processes to continuously improve the overall security program.

Vendor Risk Management:

• Assess and evaluate third-party vendors and service providers against the organization’s security requirements.
• Conduct periodic vendor security reviews and audits to ensure compliance with security standards and identify potential security risks associated with third-party relationships.
• Collaborate with the procurement and legal teams to ensure security controls are embedded into contracts and vendor agreements.

Security Awareness & Training:

• Contribute to the development of security training materials and programs for staff, ensuring they understand and comply with security best practices and organizational policies.
• Mentor and guide junior security analysts, providing leadership and support in incident response, vulnerability management, and security operations.

Reporting & Documentation:

• Generate detailed security incident reports, post-mortem analysis, and vulnerability assessments for internal stakeholders.
• Maintain comprehensive documentation of security incidents, changes, and improvements made to the security environment.

Requirements
Educational Qualification and Experience:

• Bachelor's Degree in Information Security, Computer Science, or a related field.
• 3+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment.

 Skills:

• Strong analytical and problem-solving skills, with the ability to quickly identify and mitigate security threats.
• Excellent communication skills, with the ability to convey complex technical information to non-technical stakeholders.
• Familiarity with security regulatory compliance standards
• Knowledge of network security principles, intrusion detection/prevention, and firewalls.
• Ability to work in a fast-paced environment and handle multiple priorities simultaneously.

Preferred Qualifications (Certifications):

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• CEH (Certified Ethical Hacker)

Benefits
At Kuda, our people are the heart of our business, so we prioritize your welfare. We offer a wide range of competitive benefits in areas including but not limited to:

• A great and upbeat work environment populated by a multinational team
• Pension
• Career development & growth
• Competitive annual leave plus bank holidays
• Competitive paid time off (Parental, Moving day, Birthday, Study leave etc)
• Group life insurance
• Medical insurance
• Well-fare package (Wedding, Compassionate and etc)
• Perkbox
• Goalr - employee wellness app
• Award winning L&D training
• We are advocates of work-life balance, working in a hybrid in office schedule.

Application Closing Date
Not Specified.

How to Apply
Interested and qualified candidates should:
Click here to apply online