Job Title: Information Security Specialist
Organisation: National
Information Technology Authority-Uganda (NITA-U)
Information Technology Authority-Uganda (NITA-U)
Project Name: Regional
Communication Infrastructure Program (RCIP)
Communication Infrastructure Program (RCIP)
Funding Source: World Bank
Duty Station: Kampala,
Uganda
Uganda
Reports to: Director
Information Security
Information Security
About NITA-U:
The National Information Technology Authority-Uganda (NITA-U) was
established as a statutory body under the National Information Technology
Authority, Uganda Act, 2009 as one of the key players in the Information and
Communications Technology Sector. Its mandated is to coordinate, promote and
monitor IT development within the context of national social and economic
development, with a vision as “a facilitator of a knowledge-based, globally
competitive Uganda where social transformation and economic development is
supported through IT enabled services.”
established as a statutory body under the National Information Technology
Authority, Uganda Act, 2009 as one of the key players in the Information and
Communications Technology Sector. Its mandated is to coordinate, promote and
monitor IT development within the context of national social and economic
development, with a vision as “a facilitator of a knowledge-based, globally
competitive Uganda where social transformation and economic development is
supported through IT enabled services.”
About World Bank RCIP Program:
The Government of Uganda has secured funding from the International
Development Association (IDA) to finance various activities under the Regional
Communications Infrastructure Program (RCIP). The Regional Communication Infrastructure
Program (RCIP) Uganda will complement existing country ICT and e-government
Infrastructure initiatives by helping boost the already existing e-government
infrastructure and bridge the financing and technical gaps. The project will be
implemented by the National Information Technology Authority-Uganda (NITA-U).
The beneficiaries will be the Ministry of Information Communications Technology
(MoICT) and Public Procurement and Disposal of Public assets Authority (PPDA).
Development Association (IDA) to finance various activities under the Regional
Communications Infrastructure Program (RCIP). The Regional Communication Infrastructure
Program (RCIP) Uganda will complement existing country ICT and e-government
Infrastructure initiatives by helping boost the already existing e-government
infrastructure and bridge the financing and technical gaps. The project will be
implemented by the National Information Technology Authority-Uganda (NITA-U).
The beneficiaries will be the Ministry of Information Communications Technology
(MoICT) and Public Procurement and Disposal of Public assets Authority (PPDA).
Job Summary: The Information
Security Specialist will maintain, support, and integrate Government of
Uganda’s security systems and infrastructure. The Information Security
Specialist will be implementing, maintaining and monitoring appropriate
security controls for the protection of information assets and digital
infrastructure, providing technical response for resolution of incidents, as
well as delivering training on lessons learnt.
Security Specialist will maintain, support, and integrate Government of
Uganda’s security systems and infrastructure. The Information Security
Specialist will be implementing, maintaining and monitoring appropriate
security controls for the protection of information assets and digital
infrastructure, providing technical response for resolution of incidents, as
well as delivering training on lessons learnt.
Key Duties and
Responsibilities:
Responsibilities:
- In charge of configuring, deploying and
maintaining information security tools and controls to protect information
assets and digital infrastructure; - The jobholder will be implementing
information security policies and standards; - Offering technical support for cyber
related incident investigation and resolution; - In charge of monitoring the organizations
networks and critical infrastructure for anomalies and breaches; - Preparing status reports on security
matters to guide decision making; - Identifying industry approaches and
testing tools for usage on IT systems and platforms; - Conducting vulnerability assessments and
penetration tests for networks, IT systems and applications with capacity
to propose remediation strategies; - Providing technical support to the
development of security standards, guidelines, and procedures; - Manage the SIEM, Intrusion Prevention and
detection solutions for the network; - Mentoring and training end users in
information security awareness and procedures as per approved standards
and policies; - Preparing and submitting periodic
performance reports and supporting other IT teams; - Implementing and maintaining business
continuity and disaster recovery strategies; - Performing any other duties as may be
assigned from time to time.
Qualifications, Skills and
Experience:
Experience:
- The ideal candidate for the World Bank RCIP
Information Security Specialist job vacancy should hold a Bachelor’s
Degree in computer science, engineering, information security, information
systems, information technology or related field. - Relevant information security
certifications preferred such as CISSP, CISA, CISM, GIAC, GCFE, CEH, etc. - A minimum of three years of information
security experience with particular emphasis on configuration of security
solutions such as firewalls, intrusion prevention and detection,
vulnerability assessments, penetration testing and IT audits - The ideal candidate will have at least an
active security certifications and current hands-on technical experience
in end point, firewall security systems administration, network protocols
and architecture, network/application security, IDS/IPS, forensics,
encryption, vulnerability and risk analysis, privilege management and
authentication. - Extensive knowledge of information systems
security standards, solutions and practices (e.g., access control, system
hardening, system audit and log file monitoring, security policies, and
incident handling). - Demonstrate strong knowledge in various
security threats, system vulnerabilities, threat exploitation methods, and
solutions. - Broad knowledge in risks associated with
information security testing. - Significant exposure and knowledge of security protocols,
computer and network forensics, multiple operating systems including
Microsoft Windows, Linux and UNIX variants, Apple IOS, Google Android etc.
and knowledge of security vendors and toolkits. - Working knowledge of network and server
infrastructure technologies and devices including firewalls, routers, and
switches. - Demonstrable knowledge and experience with
SIEM, IPS/IDS, vulnerability scanner, malware analysis, penetration
testing, and APT methodologies. - Proven experience and knowledge necessary
to analyze and correlate events across various controls, including web
proxy, endpoint protection, SIEM, and firewalls - Knowledge of ISO27001, NIST 800-53 and
similar standards will be an added advantage
Personal Competencies:
- Communications: Good
communication skills (spoken and written), including the ability to
communicate effectively with diverse audiences and to prepare a variety of
written documents in a clear, and concise style. - Teamwork: Good interpersonal
skills and ability to establish and maintain effective working relations
with people in a multi-cultural, multi-ethnic environment with sensitivity
and respect for diversity. - Integrity: Must be a person of
proven honesty and does not tolerate corruption and unethical behaviors in
all its forms and manifestations.. - Innovation: Must be a person
with ability to seek new ways of doing things efficiently to deliver value
to our customers. - Customer Centricity: Must be a
person who strives to satisfy customers and clients. Should be able to
understand what the customer wants and delivering it flawlessly. - Quality: Must be a person who
thinks of quality and continuous improvement in his/she our work.
How to Apply:
All candidates who meet the job requirements/specifications and with
the right personal attributes are invited to complete and submit their
application form, download here, with a cover letter,
supported by curriculum vitae, copies of certificates and testimonials, and
must specify day time telephone contact, postal and email addresses of both the
applicant and three referees, to the address below.
the right personal attributes are invited to complete and submit their
application form, download here, with a cover letter,
supported by curriculum vitae, copies of certificates and testimonials, and
must specify day time telephone contact, postal and email addresses of both the
applicant and three referees, to the address below.
The Executive Director,
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former Lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038
Or via email: [email protected] (application must not exceed 10MBs)
Applicants must also submit with their application verifiable evidence
supporting previous relevant appointments such as appointment letters and
employment contracts.
supporting previous relevant appointments such as appointment letters and
employment contracts.
Deadline: 10th March
2017 by 5:00 PM
2017 by 5:00 PM
NB: No application will
be accepted without a duly completed and signed standard application form (refer
to above).
be accepted without a duly completed and signed standard application form (refer
to above).
For more of the latest jobs, please visit https://www.theugandanjobline.com or
find us on our facebook page https://www.facebook.com/UgandanJobline
find us on our facebook page https://www.facebook.com/UgandanJobline