Carbon started in 2012 as a brick and mortar consumer lender focused on the Nigerian market. Having raised a Series A round in 2015, we pivoted in 2016 to become a digital lender via the Paylater App (www.paylater.ng) and recently re-branded in April 2019 to Carbon App (https://getcarbon.co). We are focused on providing access to financial services to the “Next Billion’ starting in Africa.

We are recruiting to fill the position of a Information Security Analyst, Infrastructure Engineering in Lagos

What are we looking for?

• The information security analyst will plan and carry out security measures to protect Carbon’s computer networks, endpoints and systems. The individual will be responsible for security audits, assisting in vulnerability and administering security Infrastructure tools.

As part of this job you may:

• Run a daily review of PCI DSS environment network traffic.
• Run a daily call over of audit and systems logs of the PCI DSS environment.
• Monitor security logs of critical public facing services.
• Review Symantec Endpoints threat alerts.
• Gather relevant Security Metrics for Information Security Report.
• Manage Security incident tickets.
• Monitor and follow-up of DLP, IPS and Antivirus exceptions & alerts.
• Work with network engineers to analyze firewall activities.

You should apply if:

• the work we’re doing sounds exciting!
• you’re passionate about Financial Services.
• you’re familiar with some of our technologies or specialise in just one part.
• you want to help build, scale and operate a technology infrastructure to support a product that you (and everyone you know) use or will use every day.
• you’re keen to learn more about new technologies and the arcane inner workings of the financial industry.
• you’re comfortable working in a team that deals with ambiguity.
• you’re interested in distributed systems.

Requirements

We are looking for candidates who can meet the following criteria - We want to emphasis that we don’t expect you to meet all of the below but would love you to have experience in at least one area:

• Experience in monitoring, analyzing and resolving security alerts generated from various sources (networks, servers, endpoints and other event logs).
• Ability to conduct and manage vulnerability scans using external and internal tools.
• Experience in reviewing and monitoring network security to respond in a timely fashion to security alerts, while performing initial triage and providing the necessary information to other team members when necessary to solve the alert.
• Experience in running penetration tests on Technology Infrastructures,
• Experience in running periodic security audits on current IT infrastructure and application software.
• Ability to define and maintain an Information Security Incident Response Plan, including documenting security breaches.
• Ability to manage and administer security infrastructure tools such as IDS/IPS, email gateway, web filtering and endpoint protection consoles.
• Experience in reviewing all system implementation designs and plans to ensure sufficient security and recovery provisions have been included, updating the corporate DRP as appropriate, and ensuring appropriate provisions are made in the BCP.
• Experience in researching the latest information technology (IT) security trends, best practices, threats, and potential vulnerabilities.
• Ability to develop security standards and best practices and recommend security enhancements to management or senior IT staff.
• More than 1 and up to 2 years in as an Information Security Analyst relation job functions.
• Working knowledge of Windows and Linux Server, Bash, SQL and Wireshack
• Expert knowledge of relevant security and privacy legislation.
• Good understanding of software development lifecycle.

Benefits and Diversity

• At Carbon we know that people are the heart of the business and we prioritise their welfare. We offer a wide range of competitive benefits in areas including health, family, finance, community, convenience, growth, time away and relocation.
• We believe a great workplace is one that represents the world we live in and how beautifully diverse it can be.
• That means we have no judgement when it comes to any of the things that make you who you are - your gender, race, sexuality, religion or a secret aversion to coffee. All you need is a passion for technology and a desire to be part of one of the fastest-growing start-ups in the African continent. We’re keen to ensure we redesigning a bank that works for everyone, so we particularly encourage applications from different underrepresented demographics.

How to Apply

Interested and qualified candidates should click here to apply

Important Information

• Our interview process is normally a phone interview, a practical task and call to discuss it, and 1-2 hours of final interviews. We promise not to ask you any brain teasers or trick questions.
• We might design a system together on a whiteboard, the same way we often work together, but we won’t make you write code on one.