The Ugandan Jobline

Job Title:  IT Security Specialist- Applications  

Organisation: DFCU Bank

Duty Station: Kampala, Uganda

Reporting To: Manager Cyber Defense

About the Company:

DFCU Bank is a fast growing commercial bank offering a variety of innovative products and services. DFCU Limited was started by the Commonwealth Development Corporation (CDC) of the United Kingdom and the Government of Uganda through the Uganda Development Corporation (UDC) under the name of Development Finance Company of Uganda Limited. Later restructuring brought in DEG (of Germany) and International Finance Corporation (IFC) as equal partners with CDC and UDC, each having a 25% stake in the company. Its objective was to support long-term development projects whose financing needs and risk did not appeal to the then existing financial commercial lending institutions.

Job Summary:   Reporting to the Manager Cyber Defense, the role holder will be responsible for ensuring the security and integrity of software applications by implementing, monitoring, and managing security measures to protect against vulnerabilities, threats, and unauthorized access.

Key Duties and Responsibilities:

Conduct vulnerability assessments and penetration testing on applications.

• Identify and remediate security weaknesses in application designs, code, and configurations. This is for both new implementations and also for those changing.
• Collaborate with developers to integrate security into the Software Development Life Cycle (SDLC).
• Promote secure coding practices, such as input validation, encryption, and authentication mechanisms.
• Investigate and respond to application security incidents, such as breaches or malware infections.
• Perform root cause analysis and recommend preventative measures.
• Ensure applications comply with security standards (e.g., OWASP Top 10, ISO 27001, or PCI-DSS).
• Develop and enforce application security policies and guidelines.
• Deploy and manage tools like Web Application Firewalls (WAFs), Static and Dynamic Application Security Testing (SAST/DAST) tools, and runtime protection tools.
• Continuously monitor application activity for anomalies or suspicious behaviour.
• Educate developers and stakeholders on application security risks and best practices.
• Conduct workshops or create resources to build a security-first mindset within development teams.
• Work with cross-functional teams, including developers, DevOps, and BT teams, to address security issues.
• Communicate risks and solutions to both technical and non-technical stakeholders.
• Stay updated on emerging application security threats and technologies.
• Recommend and implement improvements to enhance application security posture.

Qualifications, Skills and Experience:

• A minimum qualification of a Bachelor’s Degree in Computer Science, Information Technology, or a related numerical science degree.
• A Master’s Degree specializing in Digital Security is an added advantage.
• Professional Information and Cyber Security certifications in relevant technologies such as Cisco, Microsoft, and Unix / Linux will be an added advantage.
• At least one information security certification e.g. CISSP, CISM, CEH, CCSP etc.
• At least 5 years experience in systems/network administration role or information and cyber security role.
• Work experience in the banking industry will be an added advantage.
• Experience and qualifications in Ethical Hacking.
• Working Knowledge of systems architecture and systems development.
• Knowledge and experience in application penetration testing.
• Skills and training in internet applications design and security.
• Experience with Web Application Firewalls Proficiency in security technologies such as firewalls, intrusion detection systems, and encryption.
• Knowledge and Experience in Cyber Defense techniques and technologies.
• Experience in UNIX and Windows server administration is an added advantage.
• Technical skills in Unix and Windows and Python scripting skills.
• A demonstrated experience in writing technical reports and management reports for stakeholders is a must.
• Must possess above-average problem-solving skills, organization skills, excellent and communication skills.
• Considered an out-of-the-box thinker and displays a willingness to learn.
• Ability to maintain robust stakeholder engagements, a strong work ethic, and a team player with the ability to work well independently.
• Experience with security frameworks and regulations such as PCI-DSS & ISO 27001.
• Ability to respond immediately to security incidents and provide post-incident analysis.
• Ability to perform security systems testing both in-house and external systems before production deployment.
• Ability to educate employees on security best practices and promote a culture of security awareness.
• Advanced Business Architectural & IT Security skills.
• Analytical Thinking & Inductive Reasoning.
• Planning and Organization.
• Strategic Perspective – Establish priorities, challenging goals and measurements consistent with these goals and organizational vision.
• Critical Judgement and Decision-Making – Define issues and focus on achieving workable solutions to obstacles.
• Good Communicator – Presents ideas effectively, clearly and concisely both orally and in writing.
• Leadership and Interpersonal Skills – Create a culture of continuous development and ownership with self and the team.
• Inspire Commitment –Actions and behaviours are consistent with words.
• Self-Development – Pursues positive change in self and organization. Drives own personal development plan.

How to Apply:

If you believe you meet the requirements as noted above, please forward your application with a detailed CV including your present position and copies of relevant professional/academic certificates, to the email address indicated below:

Vacanciesbank@dfcugroup.com

Deadline: 14th February 2025. Only short-listed candidates will be contacted.

For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline

Related Jobs