Background information about the job or company (e.g., role context, company overview)

Jubilee Insurance was established in August 1937, as the first locally incorporated Insurance Company based in Mombasa. Jubilee Insurance has spread its sphere of influence throughout the region to become the largest Composite insurer in East Africa, handling Life, Pensions, General and Medical Insurance. Today, Jubilee is the number one insurer in East Africa with over 450,000 clients. Jubilee Insurance has a network of offices in Kenya, Uganda, Tanzania, Burundi, and Mauritius. It is the only ISO certified insurance group listed on the three East Africa stock exchanges – The Nairobi Securities Exchange (NSE), Dar es Salaam Stock Exchange and Uganda Securities Exchange. Its regional offices are highly rated on leadership, quality and risk management and have been awarded an AA- in Kenya and Uganda, and an A+ in Tanzania. For more information, visit www.JubileeInsurance.com.

We currently have an exciting career opportunity for the role of Cyber Security Analyst at Jubilee Life Insurance Corporation of Tanzania.

Role Purpose

Reporting directly to the IT Manager, the resource will be primarily responsible for identifying potential threats and vulnerabilities to operational environments. Projects could include penetration testing and simulating physical breaches to identify vulnerabilities.

Main Responsibilities

Strategy

• Develop and implement security strategies and protocols to protect against cyber threats and data breaches.
• Collaborate with stakeholders to assess risks and vulnerabilities and devise proactive security measures.
• Stay abreast of emerging security trends, technologies, and best practices to continually enhance our security posture.

Operational

• Monitor, detect, and respond to cybersecurity incidents and threats.
• Conduct vulnerability assessments and security audits across systems and networks.
• Implement and maintain endpoint, network, and cloud security controls.
• Support security awareness and training programs across the organization.
• Collaborate with IT and business teams to ensure secure system design and deployment.
• Participate in the development and enforcement of cybersecurity policies, standards, and procedures.
• Conduct risk assessments and support compliance with regulatory frameworks (e.g., ISO 27001, NIST, GDPR, or local data protection laws).
• Provide technical input during security reviews, penetration testing, and incident post-mortems.

Corporate Governance

• Ensure compliance with regulatory requirements, industry standards, and internal policies related to data protection and privacy.
• Develop and maintain documentation, including security policies, procedures, and incident response plans.
• Provide guidance and support to internal teams on security-related matters and promote a culture of security awareness and compliance.

Key Competencies

• Team Player
• Analytical and Problem-Solving skills
• Strong attention to detail and ability to work under pressure.
• Excellent communication and teamwork skills.
• High ethical standards and integrity.

Qualifications & Experience

• 3–4 years of relevant experience in cybersecurity operations, risk management, or security engineering in Cybersecurity in a large or medium sized organization.
• Bachelor’s degree in computer science, Information Security, Information Technology, or a related field from a recognized institution.
• Professional certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), CISSP (Associate), CISM, is highly desirable.
• Hands-on experience with SIEM tools, firewalls, endpoint protection, and vulnerability management systems.
• Strong understanding of network protocols, secure system architecture, and cloud security best practices.
• Knowledge of incident response and digital forensics processes is an added advantage.
• Knowledge of security policy standard development, secure infrastructure design & reviews
• Working knowledge and experience with virtualization, remote access and secure mobile technologies

• Develop and implement security strategies and protocols to protect against cyber threats and data breaches.
• Collaborate with stakeholders to assess risks and vulnerabilities and devise proactive security measures.
• Stay abreast of emerging security trends, technologies, and best practices to continually enhance our security posture.
• Monitor, detect, and respond to cybersecurity incidents and threats.
• Conduct vulnerability assessments and security audits across systems and networks.
• Implement and maintain endpoint, network, and cloud security controls.
• Support security awareness and training programs across the organization.
• Collaborate with IT and business teams to ensure secure system design and deployment.
• Participate in the development and enforcement of cybersecurity policies, standards, and procedures.
• Conduct risk assessments and support compliance with regulatory frameworks (e.g., ISO 27001, NIST, GDPR, or local data protection laws).
• Provide technical input during security reviews, penetration testing, and incident post-mortems.
• Ensure compliance with regulatory requirements, industry standards, and internal policies related to data protection and privacy.
• Develop and maintain documentation, including security policies, procedures, and incident response plans.
• Provide guidance and support to internal teams on security-related matters and promote a culture of security awareness and compliance.

• Team Player
• Analytical and Problem-Solving skills
• Strong attention to detail and ability to work under pressure.
• Excellent communication and teamwork skills.
• High ethical standards and integrity.
• Hands-on experience with SIEM tools, firewalls, endpoint protection, and vulnerability management systems.
• Strong understanding of network protocols, secure system architecture, and cloud security best practices.
• Knowledge of incident response and digital forensics processes.
• Knowledge of security policy standard development, secure infrastructure design & reviews
• Working knowledge and experience with virtualization, remote access and secure mobile technologies

• 3–4 years of relevant experience in cybersecurity operations, risk management, or security engineering in Cybersecurity in a large or medium sized organization.
• Bachelor’s degree in computer science, Information Security, Information Technology, or a related field from a recognized institution.
• Professional certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), CISSP (Associate), CISM, is highly desirable.