Job Title: Senior Officer Information Security
Organisation: Uganda Communications Commission (UCC)
Duty Station: Bugolobi, Kampala, Uganda
Reports to: Manager Information Security
About the Company:
The Uganda Communications Commission (UCC) is a statutory body established under the Communications Act 2013 to regulate Telecommunications, Broadcasting and Postal sub-sectors. In carrying out its mandate and mission of driving the development of a robust communications sector in the country.
Job Summary: To implement and enhance cybersecurity defenses and mitigate threats by leading the technical operations for both the Commission and Sectorial Computer Emergency Response Team (CERT).
Key Duties and Responsibilities:
- Implement developed cybersecurity processes, procedures, guidelines frameworks and strategies to enhance the effectiveness of the Commission Information Security and CERT’s operations.
- Implement advanced monitoring tools and techniques to continuously monitor communication networks and systems for signs of security breaches, intrusions, malware infections, or other cyber threats.
- Review and submit periodic reports of investigated cybersecurity incidents, information security unit operations, and cyber and threat intelligence as required.
- Coordinate the implementation of cybersecurity awareness and capacity-building programs to enhance the Commission and the sector’s ability to identify, prevent, and respond to cyber threats.
- Coordinate and support the provision of CERT services to internal and external stakeholders, including the development and implementation of operational plans, budgets, processes, and performance scorecards.
- Process all incidents accurately and promptly, ensuring proper classification, prioritization, and escalation when necessary.
- Create and sustain a register for the classification of communication and cyber threats.
- Provide oversight for on-site and off-site security examinations, offer information security advisory services and expertise to the Commission and external stakeholders, and provide practical assistance in managing information security risks and controls.
- Deliver information security consultancy and expertise to internal and external stakeholders, offering practical assistance in managing information security risks and controls.
- Manage and review the performance of direct reports, assigning tasks effectively, setting development goals, and ensuring alignment with organisational objectives.
- Maintain flexibility to accommodate any other duties assigned by the line supervisor from time to time.
Key Performance Indicators
- Implemented cybersecurity processes, procedures, guidelines, frameworks, and strategies.
- Timeliness and accuracy in submitting periodic reports on investigated cybersecurity incidents, Cybersecurity operations, and cyber and threat intelligence.
- Implemented cybersecurity capacity-building programs.
- Conducted on-site and off-site security examinations and advisory services.
- Delivered information security consultancy sessions to internal and external stakeholders.
- Accuracy and timeliness of incident report submissions.
Qualifications, Skills and Experience:
- Master’s degree in computer science, data communication, software engineering, ICT, engineering (electronic, telecommunications, computer), cybersecurity/information security, information technology, or a related relevant field.
- Bachelor’s degree in computer science, cybersecurity/information security, information technology or a related field.
- Membership in a relevant information/cyber security professional body or possession of a professional certification in information security/cybersecurity fields.
Working Experience
- A minimum of four (4) years of progressive experience in Information Security/Cybersecurity in a Corporate environment and a minimum of one year’s experience in a supervisory role.
Skills, Knowledge and Abilities
Technical
- Profound knowledge and expertise in information security/cybersecurity, including log aggregation, visualisation, Automation and digital forensics.
- Strong understanding of legal and regulatory requirements related to incident handling.
- Familiarity with network protocols, intrusion detection systems, and log analysis.
- Knowledge of ethics concerning cybersecurity and privacy, and CERT operations.
Behavioural
- Strong analytical skills.
- Effective communication abilities.
- Capacity for teamwork and collaboration.
How to Apply:
All candidates should complete the online application form and upload their CV, cover letter and relevant certificates at the link below. The CV must include 3 referees including their email address and telephone number.
Deadline: 21st February 2025
Note: Only shortlisted candidates will be contacted. UCC is an Equal Opportunity Employer. Any form of canvassing will lead to automatic disqualification.
For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline