Title:  Cyber Security Analyst

We Go Places! How about you?

Location: Kiambu
Function: Digital & Technology
Sub Function: Digital & Technology - Operations
Type of Contract: Permanent
Closing Date: 21-05-2025

Join KWAL and be a part of something bigger, as we accelerate excellence as a proud member of the HEINEKEN global family.  While we unlock new opportunities and shape the next chapter of our journey, KWAL is embedding a high-performing, agile business driven by innovation and purpose. If you're energized by transformation and inspired to make a meaningful difference, this is your moment to lead change and grow with a business that’s going places – fast!

Job Purpose

This position is responsible for implementation and support of the global cyber security strategy based on the applicable cyber security framework, to reduce the risk of a cyber security incident according to the risk appetite of HEINEKEN and KWAL. Additionally, raise wider cyber security awareness in KWAL.

Main Responsibilities

Security Operations

• Assist with the implementation of the global security standards and procedures by KWAL, D&T and Supply chain teams.
• Assist the operational cyber security teams in the design of controls, standards and procedures that have broad implications, requiring systems integration of one or more technical platforms
• Assist with risk reviews using the risk management procedure for all new local programs/services to be deployed in the KWAL operational environment and help veto programs which do not comply with HEINEKEN’s security standards.
• Assist with compliance assessments of the KWAL OpCo versus the Information Security Standard (ISS) by testing the ISS controls as detailed in the Information Security Procedure (ISP)
• Being an ICT and PCD Security Advisor for KWAL in their remit for any IT security breach or new initiative.
• Assist with digital investigations upon request of Local OpCo/HR or Legal teams.
   

Business Continuity (BC) and Disaster Recovery (DR)

• Assist with the development and annual review/testing of functional DR/BCP plans 
• Interrogate and review DR and BCP plans for all D&T programmes
• Coordinate with other teams to mitigate and resolve security incidents.
• Respond to security incidents and conduct thorough investigations.
   

Vulnerability Management

• Perform regular vulnerability assessments and penetration testing.
• Identify and prioritize vulnerabilities based on risk.
• Work with IT teams to remediate identified vulnerabilities. Analyze and interpret security logs to identify potential threats and vulnerabilities.
• Monitor security alerts and events from various sources.
• Conduct threat intelligence research to stay updated on emerging threats.
   

Security Policy and Compliance

• Ensure compliance with relevant security standards and policies.
• Assist with the annual review process.
• Assist with the development of PCD security, D&T policies, procedures and standards
   

Security Awareness

• Assist with ICT and PCD Security Awareness campaigns within KWAL. 
• Conduct security awareness training for employees.
• Assist with defining, designing and deploying ongoing educational assets to improve security across KWAL.
   

Reporting and Documentation

• Prepare detailed reports on security incidents, vulnerabilities, and mitigation efforts.
• Maintain accurate and up-to-date documentation of security processes and procedures.
   

Minimum Required Qualifications, Knowledge and Experience

Academic Qualifications

• Bachelor’s degree in computer science, Information Security or relevant field.

Professional Qualifications

• IT Security certifications for e.g. CISSP - Certified Information Systems Security Professional, Certified Ethical Hacker or equivalent.
• CompTIA Security+, Microsoft Certified Systems Administrator – Security, CCNP or related. 
• FortiGate certification or equivalent Fortinet certifications.

Experience 

• At least 3 years’ experience in a similar role and 3+ years in cyber security, handling security incidents, and auditing.
• Experience in global security control or operations, including implementing and managing security frameworks like the NIST Cybersecurity Framework.
   

Competencies

Technical Competencies

• Familiarity with the latest ICT technology and compliance requirements.
• Exhibit creativity in developing new ideas, approaches, and solutions to address challenges and enhance ICT processes and systems.
• Proficient in managing data lifecycle processes, ensuring data integrity, and generating accurate and timely reports to support decision-making.
• Skilled in integrating various applications and systems to ensure seamless data flow, enhance functionality, and improve overall efficiency.
• Demonstrate expertise in managing and maintaining databases, ensuring data security, performance, and availability to support organizational needs.
• Proficient in identifying, assessing, and mitigating ICT risks, ensuring the organization’s technology infrastructure is secure and resilient.
• Skilled in implementing and maintaining data security measures, ensuring the protection of sensitive information and compliance with regulatory requirements.

Behavioural Competencies

• Demonstrate a commitment to enhancing processes and performance.
• Continuously seeks new opportunities to enhance products and services. 
• Demonstrate a deep commitment to understanding and meeting customer needs. 
• Employ logical reasoning and critical analysis to evaluate information and make sound decisions. 
• Encourage innovative ideas and approaches to improve products and processes. 
   

Kenya Wine Agencies Limited (KWAL) was incorporated in 1969 and over the years KWAL has become a leading East African beverage champion in the manufacturing, exporting and importation of a wide range of alcoholic and non-alcoholic beverages. KWAL is a HEINEKEN OpCo.