Description
Jumia is a leading e-commerce platform in Africa. It is built around a marketplace, Jumia Logistics, and JumiaPay. The marketplace helps millions of consumers and sellers to connect and transact. Jumia Logistics enables the delivery of millions of packages through our network of local partners. JumiaPay facilitates the payments of online transactions for Jumia's ecosystem. With over 1 billion people and 500 million internet users in Africa, Jumia believes that e-commerce is making people's lives easier by helping them shop and pay for millions of products at the best prices wherever they live. E-commerce is also creating new opportunities for SMEs to grow, and job opportunities for a new generation to thrive.
With over 5,000 employees in more than 10 countries in Africa, Jumia is led by top talented leaders offering a great mix of local and international talents and is backed by very high-profile shareholders. Jumia is committed to creating sustainable impact in Africa. Jumia offers unique opportunities in a vibrant and booming environment, creating new jobs, new skills, and empowering a new generation.
Responsibilities:
- Build out a roadmap for the workforce training, penetration testing and company security policies.
- Perform security reviews and risk assessments as required.
- Recommend and implement changes to enhance systems security and prevent unauthorized access.
- Automate tasks on managing and configuring security-related services.
- Deliver practical awareness training of the workforce on information security standards, policies and best practices.
- Manage security policies and procedures by reviewing and auditing security policies.
- Help to maintain information security policies and company-wide information security controls to protect the integrity of company's assets.
- Help monitor infrastructure compliance of legal requirements and internal policies.
- Exercise and execute incident response plans in response to suspected security incidents.
- Develop, augment or implement open-source and third-party controls to assist in detection, prevention and analysis of security threats.
- Coordinate incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
- Coach and mentor junior team members.
Requirements:
- Degree in Computer Science or higher in an Information Security field.
- Background in software development or systems administration.
- 5 or more years in a similar position.
- Display strong technical and thought leadership skills.
- Good understanding of network protocols, design, and operations.
- Working knowledge of Security principles, techniques, and technologies.
- Knowledgeable of programming languages like Python, Go, Ruby, etc.
- Comfortable with Web Application Firewalls, SIEM, IDS/IPS.
- Experience with defining and enforcing hardening and other security standards.
- Knowledge of open security testing standards and projects, including OWASP..
- Certifications on Information Security (CISSP, CISA, OSCP, OSWE, OSCE, GPEN, GXPN, GREM, GNFA, GCFA or similar).
- Fluency in English, both written and spoken.
Valued:
- Experience with Cloud environments (AWS, Azure, GCP) is a plus.
- Experience in Identity Management projects or Cloud Access Security Brokers is a plus.
- Working knowledge of PCI-DSS and/or ISO 27001, policy and procedure review and document management, gap analysis, etc is a plus.
- Good understanding of risk-assessment methodologies (OCTAVE, NIST SP 800-30) is a plus.
- Experience in Data Privacy impact assessment (GDPR) is a plus.
- CCP (ex-CAP) is a plus.
- Fluency in French, both written and spoken is a plus.
We offer:
- A unique experience in an entrepreneurial, yet structured environment.
- The opportunity to become part of a highly professional and dynamic team working around the world.
- An unparalleled personal and professional growth as our longer-term objective is to train the next generation of leaders for our future internet ventures.
Please send your CV in English. CV in other languages will not be considered.
Apply at https://bit.ly/2WHr3p1