Job Detail:
Job position: Information Security Specialist
Location: Dar Es Salaam
Job Type: Full Time Job
Job Deadline: 04 July 2022
Job Purpose:
The Information Security Specialist is responsible for design, dimension, acquire, implement, develop and certify information security tools to be used in the company. This position also is responsible for evaluation, review and certify security process, vulnerabilities and risks in all developments for platforms and systems in the company, including the compliance and verification of the security policies and controls for governance.
Job Responsibility:
- Works with other departments and members of the information security team to identify, select and implement technical IS controls.
- Review the configuration of systems and platforms; implement any modifications needed for assuring compliance with policies, standards and best practices, such as ISO 17799, 27001/2, CobiT and ITIL.
- Apply the enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
- Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
- Coordinate information security and risk management projects with staff from the IT organization and Business Unit teams.
- Advises security administrators on normal and exception-based processing of security authorization requests.
- Develops a common set of security tools. Defines operational parameters for their use, and conducts reviews of tool output.
- Defines testing criteria for systems and applications.
- Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
- Design and execute implementation of security tools including networks and delivery them to production.
- Document systems security and emergency measures policies, procedures, and tests.
- Manage security incidents and events to protect corporate and customer assets.
- Define and implement specific controls for assuring integrity and security of the information and services.
- IS Risk Analysis
- Plan vulnerability-scanning and penetration-testing and design risk treatment plan
- Researches and assesses new cyber threats and security alerts, and recommends remedial actions
- Participate and support for Security Assessment and Awareness programs.
- Information Security network and system management.
Job Qualification and Experience:
At least 3 years of experience in a combination of Information Security, networking or IT jobs, preferably in telecommunication companies, banking, high technology companies or auditing firms in similar positions.