Senior Officer Incident Handling and Forensics Jobs – Uganda Communications Commission (UCC)
Job Title: Senior Officer Incident Handling & Forensics
Organisation: Uganda Communications Commission (UCC)
Duty Station: Bugolobi, Kampala, Uganda
Reports to: Manager Information Security
About Organisation:
The Uganda Communications Commission (UCC) is a statutory body established under the Communications Act 2013 to regulate Telecommunications, Broadcasting and Postal sub-sectors. In carrying out its mandate and mission of driving the development of a robust communications sector in the country.
Job Summary: The Senior Officer Incident Handling & Forensics will ensure prompt and effective incident response and forensic analysis, to safeguard and improve the resilience of the communication sector infrastructure and services against cyber threats.
Key Duties and Responsibilities:
- Develop and maintain comprehensive incident response plans tailored to the communications sector, outlining procedures for detecting, assessing, containing, and mitigating cyber incidents.
- Implement advanced monitoring tools and techniques to continuously monitor communication networks and systems for signs of security breaches, intrusions, malware infections, or other cyber threats.
- Assess and prioritise reported security incidents based on their severity, impact, and relevance to critical communication infrastructure and services, ensuring a swift and effective response.
- Serve as the central point of contact for coordinating incident response efforts internally within UCC and externally with communication service providers, government agencies, law enforcement, and other relevant stakeholders.
- Lead efforts to contain and remediate security incidents, including isolating affected systems, removing malware, restoring services, and implementing corrective actions to prevent future occurrences.
- Conduct post-incident analysis to identify lessons learned, gaps in security controls, and areas for improvement in incident response procedures, and prepare comprehensive incident reports for management, stakeholders, or law enforcement as required.
- Provide training, guidance, and support to UCC staff, communication service providers, and other stakeholders on incident handling best practices, timely reporting, and response to security incidents.
- Manage and review the performance of direct reports, assigning tasks effectively, setting development goals, and ensuring alignment with organisational objectives.
- Maintain flexibility to accommodate any other duties assigned by the line supervisor from time to time.
Key Performance Indicators
- Implemented cybersecurity processes, procedures, guidelines, frameworks, and strategies.
- Timeliness and accuracy in submitting periodic reports on investigated cybersecurity incidents, information security unit operations, and cyber and threat intelligence.
- Implemented cybersecurity capacity-building programs.
- Conducted on-site and off-site security examinations and advisory services.
- Delivered information security consultancy sessions to internal and external stakeholders.
- Accuracy and timeliness of incident report submissions.
Qualifications, Skills and Experience:
- Master’s degree in IT, IS, cyber security, computing or related field.
- Bachelor’s degree in computer science, information technology, cybersecurity, or a related field.
- Membership in a relevant professional body or possession of a professional certification in ICT security, CISSP/GCIA/GCFA/CHFI/CEH/CISA/CISM.
- Working Experience: Minimum of four (4) years of progressive experience in incident response, including hands-on experience in detecting, analysing, and responding to cybersecurity incidents. This may involve working in a security operations center (SOC), incident response team, or similar role where rapid incident triage and resolution are essential.
Skills, Knowledge and Abilities
Technical
- Knowledge of industry-standard incident response frameworks, such as NIST Incident Response Guide, SANS Incident Handling Steps, or similar methodologies, to guide and streamline incident response processes.
- Proficiency in using incident response tools and utilities, such as packet capture tools, forensic analysis software, memory analysis tools, malware analysis and threat intelligence platforms.
- Experience with IDS/IPS solutions to monitor network traffic, detect suspicious activities, and prevent unauthorised access or exploitation of vulnerabilities.
- Knowledge of vulnerability assessment and management processes to identify and prioritise security vulnerabilities in systems and applications, and coordinate remediation efforts.
- Knowledge of digital forensics principles and techniques to conduct thorough investigations, analyse digital evidence and determine the root cause of security incidents.
Behavioural
- Collaboration with internal and external stakeholders.
- Excellent communication and presentation skills.
- Strong organisational and time management skills.
- Critical thinking, adaptability and resilience.
- High level of integrity.
How to Apply:
All candidates should complete the online application form and upload their CV, cover letter and relevant certificates at the link below. The CV must include 3 referees including their email address and telephone number.
Deadline: 22nd July 2024 by 5:00pm
Note: Only shortlisted candidates will be contacted. UCC is an Equal Opportunity Employer. Any form of canvassing will lead to automatic disqualification.