Implement, maintain and monitor UGAFODE’s Cyber Security systems and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the UGAFODE’s IT Security goals continue to be met
Manage UGAFODE’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are use optimally, including, monitoring and enforcing security access procedures to UGAFODE’s Information Technology Systems and networks.
Research, evaluate, design, test, recommend and/or plan technological upgrade improvements and major changes to the IT Security environment, and analyze their impact on the existing environment, while overseeing their proper deployment, configuration, and functioning.
Providing training on IT Security Awareness trainings to UGAFODE’s personnel as per established IT security training programs to promote good security hygiene.
Serve as the department’s representative to support IT security & operational audits by UGAFODE’s internal assurance functions or third-parties to ensure UGAFODE maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.
Enforce UGAFODE’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.
Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings are appreciated and closed in time.
Enforce the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend and support implementation of treatment plans
Provide guidance during security incidents and investigations, ensuring root-cause analysis is undertaken and input suggested approaches to deal with lessons identified
Ensure that systems and the information within them comply with the Data-Protection-and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.
Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies
Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
Support the Head of ICT in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.
And undertake any other assignments related to information systems technology as may be assigned by supervisors from time to time