SUMMARY
The IT Security Officer role is responsible for protecting FINCA Uganda information assets such as IT infrastructure, edge devices, networks, and data. More granularity against internal and external attacks. S/he will be responsible for preventing unauthorized access and attacks on IT assets.
Information Technology security officer will help to protect FINCA Uganda information assets by employing a range of technologies and processes to prevent, detect and manage cyber threats. The IT security officer will further protect IT infrastructure (including networks, hardware and software) from a range of criminal activity. S/He will monitor networks and systems, detect security threats (‘events’), analyze and report on threats, intrusion attempt, either resolving them or escalating them, depending on the severity.
Key duties and responsibilities:
- Analyzing and assessing vulnerabilities in the infrastructure (software, hardware, and networks), investigating available tools and countermeasures to remedy the detected vulnerabilities.
- Performing regular audits to ensure security practices are compliant.
- Deploying endpoint detection and prevention tools to thwart malicious hacks.
- Setting up patch management systems to update applications automatically.
- Implementing comprehensive vulnerability management systems across all assets on-premises and in the cloud.
- Designing new security systems or upgrading existing ones.
- Identifying IT security weaknesses and implementing solutions.
- Working hand in hand with the IS security personnel in planning for disaster recovery in the event of any security breaches.
- Monitoring for attacks, intrusions and unusual, unauthorized or illegal activity.
- Testing and evaluate security products.
- Using advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Engaging in ‘ethical hacking’, for example, simulating security breaches.
- Identifying potential weaknesses and implement measures, such as firewalls and encryption.
- Monitoring identity and access management, including monitoring for abuse of permissions by authorized system users.
- Liaising with stakeholders in relation to IT security issues and provide future recommendations.
- Generating reports for both technical and non-technical staff and stakeholders.
- Maintaining an IT risk register and assist with internal and external audits relating to IT security.
- Monitoring and responding to ‘phishing’ emails and ‘pharming’ activity.
- Assisting with the creation, maintenance and delivery of cyber security awareness training for colleagues.
- Ensuring regular DR tests are done and results properly documented.
- Driving own Performance Development, collating relevant documentation, preparing for and arranging reviews and 1:1’s.
Competencies
You may also like:
- UN recruitment ( January 2025) : 596 Open Jobs/Online application
- Canada Embassy recruitment ( January 2025) : 26 Open Jobs/Online Application
- City of Tshwane recruitment ( January 2025) : 100 Open Jobs/Online application
- International NGOs recruitment ( January 2025) : Open Jobs/Application
- DPSA vacancy Circulars ( January 2025) : Open Jobs/Application
- USAID Recruitment ( January 2025)
To perform the job successfully, an individual should demonstrate the following competencies:
- Strong IT skills and knowledge including hardware, software and networks.
- Meticulous attention to detail.
- Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems.
- A forensic approach to challenges.
- A deep understanding of how hackers work and ability to keep up with the fast pace of change in the criminal cyber-underworld.
- Ability to seek out vulnerabilities in IT infrastructure.
Qualifications, Skills and Experience
- Bachelor’s Degree in Information Technology/Computer Science or related field and those with a professional Certification (SANS, CISSP, CISA, CISM, CCNA/P, Security+) is an added advantage.
- 3 years of working experience in an IT environment.
- Proven IT Disaster Recovery experience
- Proven experience supporting IT security and implementing IT security technologies
- Technical writing experience
All interested and qualified candidates are required to apply be email to ug_jobs@fincaug.org or fill in the application form