World Bank RCIP Information Security Specialist Job Opportunity – National Information Technology Authority-Uganda (NITA-U)

  Information Technology (IT) and Data Jobs in Uganda, NGO - Non-Government Organisations Jobs in Uganda, Uncategorized
Job Title:        Information Security Specialist
Organisation: National
Information Technology Authority-Uganda (NITA-U)
Project Name: Regional
Communication Infrastructure Program (RCIP)
Funding Source: World Bank
Duty Station: Kampala,
Uganda
Reports to: Director
Information Security
About NITA-U:
The National Information Technology Authority-Uganda (NITA-U) was
established as a statutory body under the National Information Technology
Authority, Uganda Act, 2009 as one of the key players in the Information and
Communications Technology Sector. Its mandated is to coordinate, promote and
monitor IT development within the context of national social and economic
development, with a vision as “a facilitator of a knowledge-based, globally
competitive Uganda where social transformation and economic development is
supported through IT enabled services.”
About World Bank RCIP Program:
The Government of Uganda has secured funding from the International
Development Association (IDA) to finance various activities under the Regional
Communications Infrastructure Program (RCIP). The Regional Communication Infrastructure
Program (RCIP) Uganda will complement existing country ICT and e-government
Infrastructure initiatives by helping boost the already existing e-government
infrastructure and bridge the financing and technical gaps. The project will be
implemented by the National Information Technology Authority-Uganda (NITA-U).
The beneficiaries will be the Ministry of Information Communications Technology
(MoICT) and Public Procurement and Disposal of Public assets Authority (PPDA).
Job Summary: The Information
Security Specialist will maintain, support, and integrate Government of
Uganda’s security systems and infrastructure. The Information Security
Specialist will be implementing, maintaining and monitoring appropriate
security controls for the protection of information assets and digital
infrastructure, providing technical response for resolution of incidents, as
well as delivering training on lessons learnt.
Key Duties and
Responsibilities:  
  • In charge of configuring, deploying and
    maintaining information security tools and controls to protect information
    assets and digital infrastructure;
  • The jobholder will be implementing
    information security policies and standards;
  • Offering technical support for cyber
    related incident investigation and resolution;
  • In charge of monitoring the organizations
    networks and critical infrastructure for anomalies and breaches;
  • Preparing status reports on security
    matters to guide decision making;
  • Identifying industry approaches and
    testing tools for usage on IT systems and platforms;
  • Conducting vulnerability assessments and
    penetration tests for networks, IT systems and applications with capacity
    to propose remediation strategies;
  • Providing technical support to the
    development of security standards, guidelines, and procedures;
  • Manage the SIEM, Intrusion Prevention and
    detection solutions for the network;
  • Mentoring and training end users in
    information security awareness and procedures as per approved standards
    and policies;
  • Preparing and submitting periodic
    performance reports and supporting other IT teams;
  • Implementing and maintaining business
    continuity and disaster recovery strategies;
  • Performing any other duties as may be
    assigned from time to time.
Qualifications, Skills and
Experience:
  • The ideal candidate for the World Bank RCIP
    Information Security Specialist job vacancy should hold a Bachelor’s
    Degree in computer science, engineering, information security, information
    systems, information technology or related field.
  • Relevant information security
    certifications preferred such as CISSP, CISA, CISM, GIAC, GCFE, CEH, etc.
  • A minimum of three years of information
    security experience with particular emphasis on configuration of security
    solutions such as firewalls, intrusion prevention and detection,
    vulnerability assessments, penetration testing and IT audits
  • The ideal candidate will have at least an
    active security certifications and current hands-on technical experience
    in end point, firewall security systems administration, network protocols
    and architecture, network/application security, IDS/IPS, forensics,
    encryption, vulnerability and risk analysis, privilege management and
    authentication.
  • Extensive knowledge of information systems
    security standards, solutions and practices (e.g., access control, system
    hardening, system audit and log file monitoring, security policies, and
    incident handling).
  • Demonstrate strong knowledge in various
    security threats, system vulnerabilities, threat exploitation methods, and
    solutions.
  • Broad knowledge in risks associated with
    information security testing.
  • Significant exposure  and knowledge of security protocols,
    computer and network forensics, multiple operating systems including
    Microsoft Windows, Linux and UNIX variants, Apple IOS, Google Android etc.
    and knowledge of security vendors and toolkits.
  • Working knowledge of network and server
    infrastructure technologies and devices including firewalls, routers, and
    switches.
  • Demonstrable knowledge and experience with
    SIEM, IPS/IDS, vulnerability scanner, malware analysis, penetration
    testing, and APT methodologies.
  • Proven experience and knowledge necessary
    to analyze and correlate events across various controls, including web
    proxy, endpoint protection, SIEM, and firewalls
  • Knowledge of ISO27001, NIST 800-53 and
    similar standards will be an added advantage
Personal Competencies:
  • Communications: Good
    communication skills (spoken and written), including the ability to
    communicate effectively with diverse audiences and to prepare a variety of
    written documents in a clear, and concise style.
  • Teamwork: Good interpersonal
    skills and ability to establish and maintain effective working relations
    with people in a multi-cultural, multi-ethnic environment with sensitivity
    and respect for diversity.
  • Integrity: Must be a person of
    proven honesty and does not tolerate corruption and unethical behaviors in
    all its forms and manifestations..
  • Innovation: Must be a person
    with ability to seek new ways of doing things efficiently to deliver value
    to our customers.
  • Customer Centricity: Must be a
    person who strives to satisfy customers and clients. Should be able to
    understand what the customer wants and delivering it flawlessly.
  • Quality: Must be a person who
    thinks of quality and continuous improvement in his/she our work.
How to Apply:
All candidates who meet the job requirements/specifications and with
the right personal attributes are invited to complete and submit their
application form, download here, with a cover letter,
supported by curriculum vitae, copies of certificates and testimonials, and
must specify day time telephone contact, postal and email addresses of both the
applicant and three referees, to the address below.
The Executive Director,
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former Lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038
Or via email: rcip@nita.go.ug (application must not exceed 10MBs)
Applicants must also submit with their application verifiable evidence
supporting previous relevant appointments such as appointment letters and
employment contracts.
Deadline: 10th March
2017 by 5:00 PM
NB: No application will
be accepted without a duly completed and signed standard application form (refer
to above).
For more of the latest jobs, please visit https://www.theugandanjobline.com or
find us on our facebook page https://www.facebook.com/UgandanJobline

Related Jobs