Jumia is a leading e-commerce platform in Africa. It is builtaround a marketplace, Jumia Logistics, and JumiaPay. The marketplace helpsmillions of consumers and sellers to connect and transact.
Jumia Logisticsenables the delivery of millions of packages through our network of localpartners. JumiaPay facilitates the payments of online transactions for Jumia'secosystem.
With over 1 billion people and 500 million internet users in Africa,Jumia believes that e-commerce is making people's lives easier by helping themshop and pay for millions of products at the best prices wherever they live.
E-commerce is also creating new opportunities for SMEs to grow, and jobopportunities for a new generation to thrive.
With over 5,000 employees in more than 10 countries in Africa,Jumia is led by top talented leaders offering a great mix of local andinternational talents and is backed by very high-profile shareholders.
Jumia iscommitted to creating sustainable impact in Africa. Jumia offers uniqueopportunities in a vibrant and booming environment, creating new jobs, newskills, and empowering a new generation.
Build out a roadmap for the workforce training, penetrationtesting and company security policies.
Perform security reviews and risk assessments as required.
Recommend and implement changes to enhance systems security andprevent unauthorized access.
Automate tasks on managing and configuring security-relatedservices.
Deliver practical awareness training of the workforce oninformation security standards, policies and best practices.
Manage security policies and procedures by reviewing and auditingsecurity policies.
Help to maintain information security policies and company-wideinformation security controls to protect the integrity of company's assets.
Help monitor infrastructure compliance of legal requirements andinternal policies.
Exercise and execute incident response plans in response tosuspected security incidents.
Develop, augment or implement open-source and third-party controlsto assist in detection, prevention and analysis of security threats.
Coordinate incident response, including steps to minimize theimpact and then conducting a technical and forensic investigation into how thebreach happened and the extent of the damage.
Coach and mentor junior team members.
Degree in Computer Science or higher in an Information Securityfield.
Background in software development or systems administration.
5 or more years in a similar position.
Display strong technical and thought leadership skills.
Good understanding of network protocols, design, and operations.
Working knowledge of Security principles, techniques, andtechnologies.
Knowledgeable of programming languages like Python, Go, Ruby, etc.
Comfortable with Web Application Firewalls, SIEM, IDS / IPS.
Experience with defining and enforcing hardening and othersecurity standards.
Knowledge of open security testing standards and projects,including OWASP..
Certifications on Information Security (CISSP, CISA, OSCP, OSWE,OSCE, GPEN, GXPN, GREM, GNFA, GCFA or similar).
Fluency in English, both written and spoken.
Experience with Cloud environments (AWS, Azure, GCP) is a plus.
Experience in Identity Management projects or Cloud AccessSecurity Brokers is a plus.
Working knowledge of PCI-DSS and / or ISO 27001, policy andprocedure review and document management, gap analysis, etc is a plus.
Good understanding of risk-assessment methodologies (OCTAVE, NISTSP 800-30) is a plus.
Experience in Data Privacy impact assessment (GDPR) is a plus.
CCP (ex-CAP) is a plus.
Fluency in French, both written and spoken is a plus.
We offer :
A unique experience in an entrepreneurial, yet structured environment.
The opportunity to become part of a highly professional and dynamic team working around the world.
An unparalleled personal and professional growth as our longer-term objective is to train the next generation of leaders for our future internet ventures.