Information Technology Security Officer Jobs – FINCA Uganda Limited

Job Title:  Information Technology Security Officer

Organisation: FINCA Uganda Limited

Duty Station:  Kampala, Uganda

 

About US:

FINCA Uganda Limited was the first licensed micro-finance deposit taking institution in Uganda, and part of a global network which serves over 1,000,000 clients in 22 countries. FINCA Uganda currently offers loans, savings and money transfer services in Uganda, one of the most competitive and dynamic microfinance markets in the world.

 

Job Summary: The Information Technology Security Officer is responsible for the security operations in protecting FINCA Uganda information assets such as IT infrastructure, edge devices, networks and data. More granularly against internal and external attacks. S/he will be responsible for preventing unauthorized access and attacks on IT assets.

 

Information Technology Security Officer will help to protect FINCA Uganda information assets by employing a range of technologies and processes to prevent, detect and manage cyber threats. The Information security officer will also be responsible for employing mechanisms of protecting customer data and its privacy to safeguard FINCA against breaches.  The IT security officer will further protect IT infrastructure (including networks, hardware and software) from a range of criminal activity. S/He will monitor networks and systems, detect security threats (‘events’), analyze and report on threats, intrusion attempt, either resolving them or escalating them, depending on the severity.

 

Key Duties and Responsibilities:

  • Setting up and implementing user access controls and identity and access management systems
  • Analyzing and assessing vulnerabilities in the infrastructure (software, hardware, and networks), investigating available tools and countermeasures to remedy the detected vulnerabilities.
  • Performing regular audits to ensure security practices are compliant
  • Deploying endpoint detection and prevention tools to thwart malicious hacks
  • Setting up patch management systems to update applications automatically
  • Implementing comprehensive vulnerability management systems across all assets on-premises and in the cloud
  • Designing new security systems or upgrading existing ones
  • Identifying IT security weaknesses and implementing solutions
  • Working hand in hand with the IS security personnel in planning for disaster recovery in the event of any security breaches
  • Monitoring for attacks, intrusions and unusual, unauthorized or illegal activity
  • Testing and evaluate security products
  • Using advanced analytic tools to determine emerging threat patterns and vulnerabilities
  • Engage in ‘ethical hacking’, for example, simulating security breaches
  • Identifying potential weaknesses and implement measures, such as firewalls and encryption
  • Monitoring identity and access management, including monitoring for abuse of permissions by authorized system users
  • Liaising with stakeholders in relation to IT security issues and provide future recommendations
  • Generating reports for both technical and non-technical staff and stakeholders
  • Maintaining an IT risk register and assist with internal and external audits relating to IT security
  • Monitoring and responding to ‘phishing’ emails and ‘pharming’ activity
  • Assisting with the creation, maintenance, and delivery of cyber security awareness training for colleagues
  • Ensure regular DR tests are done and results properly documented
  • Responsible for driving own Performance Development, collating relevant documentation, preparing for and arranging reviews and 1:1’s


(adsbygoogle = window.adsbygoogle || []).push({});

Qualifications, Skills and Experience:

  • The ideal applicant must hold a Bachelor’s Degree in Information Technology/Computer Science or related field.
  • A professional Security Certification such as (SANS, CISSP, CISA, CISM, Security+, CEH, CNSSP, CFFP).
  • A Network Administration Certifications such as (CCNA /P)
  • At least three years of work experience in an enterprise IT environment as an IT Security professional/ specialist.
  • Proven experience supporting IT security and implementing IT security technologies.

 

Competencies

  • Digital Forensics
  • IT Risk Management
  • Vulnerability scanning, Assessment, and remediation
  • Ethical Hacking & Penetration Testing
  • Windows Administration / Linux Administration & Scripting.
  • Structured Root Cause Analysis and problem management.
  • Reporting Writing, communication and Presentations

 

How to Apply:

All candidates who so wish to take up this role in the aforementioned capacity are encouraged to send their applications with detailed CVs including present position and copies of relevant professional/academic certificates to: ug_jobs@fincaug.org

 

Deadline: 30th November 2022

 

For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline

 

 

Related Jobs