Description
Jumia is a leading e-commerce platform in Africa. It is built around a marketplace, Jumia Logistics, and JumiaPay. The marketplace helps millions of consumers and sellers to connect and transact. Jumia Logistics enables the delivery of millions of packages through our network of local partners. JumiaPay facilitates the payments of online transactions for Jumia's ecosystem. With over 1 billion people and 500 million internet users in Africa, Jumia believes that e-commerce is making people's lives easier by helping them shop and pay for millions of products at the best prices wherever they live. E-commerce is also creating new opportunities for SMEs to grow, and job opportunities for a new generation to thrive.
With over 5,000 employees in more than 10 countries in Africa, Jumia is led by top talented leaders offering a great mix of local and international talents and is backed by very high-profile shareholders. Jumia is committed to creating sustainable impact in Africa. Jumia offers unique opportunities in a vibrant and booming environment, creating new jobs, new skills, and empowering a new generation.
Responsibilities:
- Perform and report security assessments on Jumia systems
- Penetration testing against Jumia networks and services
- Collaborate with development teams to recommend and implement changes to enhance systems’ security and prevent unauthorized access.
- Automate security-related services and tasks.
- Deliver practical awareness training on information security standards, policies and best practices. Promote the security-first culture.
- Monitor systems’ compliance with security best practices, legal requirements and internal policies.
- Develop, augment or implement open-source and third-party controls to assist in detection, prevention and analysis of security threats.
- Regularly exercise and execute blue/red team drills to test incident response plans.
- Participate in real incident response, including steps to minimize the impact and then contributing to the technical and forensic investigation.
Requirements:
- Degree in an IT field or similar experience in Information Security.
- Background in software development or systems administration.
- 3 or more years with hand-on penetration testing in enterprise environments.
- Good understanding of network protocols, design, and operations.
- Working knowledge of Security principles, techniques, and technologies.
- Knowledgeable of programming languages like PHP, Python, Go, Ruby, etc.
- Comfortable with Web Application Firewalls, SIEM, IDS/IPS.
- Experience with defining and enforcing security best practices on a corporate environment.
- Knowledge of open security testing standards and projects, including OWASP, PTES, OSSTM.
- Practical Information Security certifications such as, but not limited to, CEH and OSCP are considered an advantage.
- Fluency in English, both written and spoken.
Valued:
- Experience with Cloud environments (AWS, Azure, GCP).
- Experience in Identity Management systems or Cloud Access Security Brokers.
- Working knowledge of PCI-DSS and/or ISO 27001, policy and procedure review and document management, gap analysis, etc.
We offer:
- A unique experience in an entrepreneurial, yet structured environment.
- The opportunity to become part of a highly professional and dynamic team working around the world.
- An unparalleled personal and professional growth as our longer-term objective is to train the next generation of leaders for our future internet ventures.
Please send your CV in English. CV in other languages will not be considered.
Apply at: https://africainternetgroup.peoplehr.net/Pages/JobBoard/Opening.aspx?v=e03a8dc3-4461-478b-a265-feabe2c0619c