Job Title: IT Security Specialist
Organisation: National Social Security Fund (NSSF)
Duty Station: Kampala, Uganda
Reports to: Manager IT Security
About Organisation:
National Social Security Fund (NSSF) is positioning itself as the Social Security Provider of Choice in Uganda. With our shared purpose of being the Social Security Provider of choice, providing exceptional customer service and better operations with a well-motivated and skilled workforce, we are looking to recruit persons with high integrity and dedication to work with us.
Job Summary: To implement and maintain our security systems by preventing unauthorized access to our data and responding to privacy breaches.
Key Duties and Responsibilities: Duties and Responsibilities include:
- Conduct compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
- Design and implement safety measures and data recovery plans
- Document systems, processes and controls using narratives, flow charts, data flow diagrams, etc.
- Understand and communicate the downstream impact on the business of control deficiencies.
- Advise and collaborate on projects by providing IT controls and risk expertise and considerations
- Analyse IT specifications to assess security risks.
- Install, configure and upgrade security software/applications.
- Secure networks through firewalls, password protection and other systems
- Inspect hardware for vulnerable points of access
- Monitor network activity to identify issues early and communicate them to IT teams
- Act on privacy breaches and malware threats • Serve as a security expert and conduct trainings when needed
- Draft security policies and guidelines
- Completes audit work papers by documenting audit tests and findings
- Collaborate with control owners to implement process changes and track to completion
- Implementation of IT security strategy
Qualifications, Skills and Experience:
- Bachelor’s degree in information security, Computer Science, IT, or a related field; or equivalent professional experience.
- Industry-recognized security certifications such as Cisco Security (CCNP Security, CCIE Security), OSCP, SSCP, CEH, CISSP, GIAC certifications, Microsoft Azure Security Engineer Associate, Microsoft Certified: Cybersecurity Architect Expert, or similar.
Work Experience:
- 4+ years’ experience in cyber security analysis, security engineering, or a similar role.
- Hands-on experience with SIEM platforms, endpoint security, and vulnerability and patch management tools
- Clear understanding of compliance requirements in financial services or regulated sectors.
- 2 years in a Supervisory role will be of added advantage.
Key Competences:
- Network and System Security: Demonstrated experience in securing enterprise networks, systems, and endpoints, including firewall configuration, network segmentation and monitoring.
- Identity and Access Management (IAM): Hands-on experience implementing and managing SSO, MFA, and PAM solutions.
- Vulnerability and Patch Management: Proven ability to identify, prioritize, and close vulnerabilities using automated tools, with a strong understanding of patch lifecycle processes.
- Security Assessments and Penetration Testing: Experience in conducting or coordinating vulnerability assessments, penetration tests, and remediation tracking to ensure system resilience.
- Cloud and Application Security: Experience in securing cloud platforms and applications.
- Security Monitoring and Incident Response: Practical experience using NDR and SIEM tools, threat detection, incident investigation, and forensic analysis.
- Compliance and Risk Management: Working knowledge of ISO 27001, NIST, GDPR, and related frameworks, with the ability to translate compliance into operational controls.
- Analytical and Problem-Solving: Ability to conduct threat intelligence, risk assessments, and provide actionable security insights.
- Communication and Collaboration: Strong skills in explaining security concepts, leading awareness sessions, and coordinating across teams.
- Automation and Innovation: Experience with scripting (Python, PowerShell) and familiarity with Zero Trust architectures and automation in security processes.
How to Apply:
Interested individuals should click here to fill out the application form, Click Here also send copies of their application letter, curriculum vitae and academic qualifications, addressed to the Chief of People and Culture to [email protected]
Deadline: 24th October 2025
For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline
Level of Education: Bachelor Degree
Work Hours: 8
Experience in Months: 48