Information security specialist job at National Social Security Fund

Vacancy title:
Information security specialist

[ Type: FULL TIME , Industry: Financial Services , Category: Computer & IT ]

Jobs at:

National Social Security Fund

Deadline of this Job:
14 December 2022  

Duty Station:
Within Uganda , Kampala , East Africa

Date Posted: Thursday, December 01, 2022 , Base Salary: Not Disclosed

Similar Jobs in Uganda
Learn more about National Social Security Fund
National Social Security Fund jobs in Uganda


Job Purpose:

To identify, assess, and make recommendations to manage and mitigate the organization’s Information Security risks.

Duties and Responsibilities include:

• Implement information security and privacy policies, standards and procedures to protect the Fund from internal and external threats
• Review and assess information security risks within new and existing systems, processes, policies and procedures and recommend relevant controls.
• Conduct continuous vulnerability assessments and regular penetration tests on the Fund’s systems.
• Create a culture of security awareness by undertaking sensitization/training of staff on information security and privacy risks and control.
• Work with all critical process and system owners to ensure security and data privacy controls are considered at the outset of new projects, products and initiatives.
• Administer information security monitoring systems for incident detection, response, risk mitigation and threat management.
• Implement identity management and access control strategies, policies, procedures, standards, and guidelines.
• Create, revoke and manage identities/access for personnel, service accounts, applications, devices etc.
• Control and monitor access to the Fund’s information assets to identify unauthorized access and potentially malicious activities.
• Conduct regular user access reviews in collaboration with system, process and data owners. Conduct periodic audit log reviews and report any unusual or suspicious activities.
• Work with system and process owners to develop, implement and maintain access control lists and matrices.
• Configure, implement, and manage identity management and access control technologies and tools.
• Establish, administer, and monitor privileged user accounts in accordance with a role-based access scheme.
• Support the Data Protection Officer in conducting data privacy impact assessments.
• Ensure that the IT infrastructure and systems are configured with appropriate technical controls to safeguard them against malicious attacks.
• Monitor compliance with information security policies, guidelines and standards and applicable laws and regulations.

Education Requirements:

• A Bachelor’s degree in Information Systems, Information Technology, Computer Science, Software Engineering or a related field.
• Professional qualifications CEH, CISA or related certifications

Work Experience:
• Minimum of 3 years experience in conducting IT risk or information security responsibilities in a substantial organization.
• Experience in administering information security tools, identity management and access control systems is an added advantage.

Key Competences:

• Strong understanding of information security risk, controls and principles
• Sound knowledge of information security technologies e.g., WAF, NAC, SIEM, DLP, IAM, EDR
• Understanding of Cloud technologies and the associated risks
• Knowledge of networking protocols
• Strong analytical, decision-making and problem-solving skills
• Ability to explain complex security issues to non-technical stakeholders
• Positive attitude towards learning and development
• Ability to work with critical deadlines and prioritize workload effectively.
• Knowledge of the Data Protection and Privacy Act and applicable regulations, National Information Security Framework, ISO 27001, NIST standards etc.

Work Hours: 8

Experience in Months: 36

Level of Education:
Bachelor Degree

Job application procedure

Interested individuals should click to fill out the application form and also send copies of their application letter, curriculum vitae and academic qualifications, addressed to the Chief of People and Culture to  by Wednesday 14th December 2022.
Women are encouraged to apply. Please note that canvassing or lobbying will lead to the automatic disqualification of the candidate.

All Jobs


Job Info
Job Category: Computer/ IT jobs in Uganda
Job Type: Full-time
Deadline of this Job: 14 December 2022
Duty Station: Kampala
Posted: 01-12-2022
No of Jobs: 1
Start Publishing: 01-12-2022
Stop Publishing (Put date of 2030): 02-12-2066
Apply Now

Notification Board:

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.