Summary
Date Posted: Thursday, January 30 2025, Base Salary: Not Disclosed

JOB DETAILS:
Job Description:
The Information Security Officer will be responsible for identifying and mitigating IT risks, responding to observations identified by third-party auditors or examiners, and assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture. The role requires a dynamic individual with a deep understanding of both microfinance operations and technological innovations.

Main Responsibilities:
• Serve as a core member of the Security Operation Centre (SOC), monitoring and optimizing security tools to ensure data integrity.
• Conduct dedicated monitoring and analysis of cybersecurity events using various tools to investigate and understand security incidents, leading to effective incident response (IR).
• Analyze and detect security threats through threat intelligence-based detection and behavior analysis.
• Perform data mining of log sources to uncover and investigate anomalous activities, tuning rules, filters, and policies to enhance detection accuracy and visibility.
• Manage security incident communications, including initial reporting, follow-ups, and resolution activities.
• Provide threat and vulnerability analysis, along with security advisory services.
• Analyze and respond to undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Develop a program plan that includes security gap assessments, policies, procedures, standards, training, certification, and testing.
• Collaborate with management and the IT department to enhance security measures.
• Document any security breaches and assess their impact.

Knowledge, Skills, and Abilities:
• BSc/MSc degree in Computer Science, Information Security, Cyber Security, or related IT fields.
• Professional Information Security Certifications such as CEH, CCNA Security, or CompTIA Security+ are preferable.
• Certification as ISO/IEC 27001 Lead Implementer is a MUST.
• Minimum of 3 to 5 years of experience in Information Security, focusing on incident monitoring and detection.
• Solid knowledge of various information security frameworks.
• Technical expertise in areas including Security Information and Event Management (SIEM), SQL, TCP/IP, networking, programming languages, IDS/IPS, penetration and vulnerability testing, forensics, firewall and intrusion detection/prevention protocols, operating systems (Windows, UNIX, Linux), network protocols, packet analysis tools, Next-Gen AV, DLP, email, storage, syslog, Windows Server, and Identity Access Management.
• Prior experience in detecting, analyzing, and responding to security incidents.
• Understanding of common security threats, attack vectors, vulnerabilities, and exploits.
• Excellent oral and written communication skills.
• Strong analytical and problem-solving abilities.
• Self-starter who works well both independently and in a team environment, with the ability to adapt to changing priorities.
• Excellent interpersonal and organizational skills.

Work Hours: 8

Experience in Months: 36

Level of Education: Bachelor Degree

Job application procedure
Interested in applying for this job? Click here to submit your application now.

Mode of Application:
Applicants who consider themselves competent for the above-mentioned positions should drop their applications at the ASAMTL Head Office at House No. 01, Plot No. 87, Msese Street, Kinondoni Road (Near Kinondoni Makaburini), Dar es Salaam, before 1700 HRS on 15th February

All Jobs

QUICK ALERT SUBSCRIPTION