Security Intern - Access Management at Irembo
Irembo |
Type: Internship
Published: 2024-06-09 | Deadline: 2024-06-11
Security Intern - Access Management at Irembo Ltd
Kigali
Irembo is a technology company that designs and develops digital products to ease the accessibility of services in users’ everyday lives worldwide, starting with Rwanda. Our pioneer products, IremboGov and IremboPay, have enabled Rwandan citizens and foreigners to access and pay for over 150 public services online through our one-stop-shop e-governance and payment platforms. To date, we have facilitated over 30 million transactions through our platforms and have ambitious goals to scale our technology worldwide to enable more governments and institutions to serve their citizens better. More information is available on irembo.com.
Project Title: Strengthen access controls and ensure strict compliance across all user accounts and systems.
Project Description
Without strict access controls, we risk unauthorized access and potential data breaches. This project will involve managing user access controls and enforcing zero trust to strengthen our overall security practices and ensure a robust defence against cyber threats.
Scope of Work
- Help manage user access controls and ensure compliance with security policies.
- Review logging, alerting, and audit sources to identify potential security incidents related to access.
- Assist in creating and maintaining an inventory of authorized and unauthorized software.
- Document processes, procedures, and findings to ensure knowledge transfer and compliance with regulatory requirements.
- Respond and assist with security requests and incidents related to access management.
- Stay updated on the latest cybersecurity trends, threats, and technologies through continuous learning and professional development activities.
Required Skills
- In-depth understanding of cybersecurity principles, threats, and mitigation strategies (e.g., threat modeling, IDS/IPS, firewall implementation, risk assessments, etc.).
- Experience with identity and access management systems (e.g., Active Directory, Okta, Azure AD, etc.).
- Knowledge of implementing and managing enhanced security measures, including Two-Factor Authentication (2FA), Multi-Factor Authentication (MFA), Single Sign-On (SSO), and encryption.
- Ability to conduct detailed analyses and produce comprehensive documentation.
- Strong organizational skills to maintain accurate records and inventories.
- Effective communication skills to liaise with various departments and gather necessary information.
- Team-oriented approach to work with different stakeholders towards common security goals.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Good development or scripting experience and skills. Java, Python, Ruby, Ruby on Rails, JavaScript, and/or Go are preferred.
- A basic understanding of network and web-related protocols (such as TCP/IP, UDP, HTTP, and HTTPS protocols).
Key Deliverables
- A detailed list of all authorized software, including version information, licensing, and compliance status.
- A complete list of all authorized administrative accounts, including associated systems and personnel.
- A process for maintaining and updating the software inventory regularly.
- Recommendations for account management improvements and necessary updates.
- Enrollment and enforcement of Two-Factor Authentication (2FA) for all staff.
- Updated access permissions and groups in Notion, reflecting current staff roles and requirements.
- New and updated "How To" documents to guide staff in using Notion securely.
Work Tools and Benefits:
- Work laptop.
- Monthly communication allowance (MTN or Airtel).
- Breakfast, lunch, and hot beverages (tea, coffee) at work.
- Access to mental health support and therapy sessions with licensed therapists through a renowned mental wellness platform.
- Great working environment with growth & learning opportunities, a young, diverse & creative team!
Location
- Nyarutarama, Kigali, Rwanda.
Application Deadline
- June 11, 2024.
Expected Start Date
- June 17 or July 2, 2024.
Internship Duration
- The internship is initially for a duration of three months, with potential extensions based on performance and business needs.
Eligibility
- Only Rwandan Nationals are eligible to apply.
We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. We're on a mission to change our continent through technology and are committed to a diverse and inclusive workplace and strongly encourage applicants from all backgrounds, nationalities, and walks of life.
Our head office is based in Kigali, Rwanda.