Job Summary

The jobholder shall be responsible for day-to-day security of the Authority’s infrastructure and business systems through identification of security risks and ensure appropriate mitigation measures are in place.

Duties and responsibilities


Develop and schedule vulnerability assessment tests on business systems and information technology (IT) infrastructure.
Work with stakeholders to ensure identified vulnerability and baseline conformity gaps are addressed.
Develop and maintain minimum baseline standard based on changes in technology and Common Vulnerabilities and Exposures releases.
Review security requirements for acquisition of business systems and perform requisite tests before deployment to production.
Provide technical support to relevant stakeholders in investigation of information security incidences in the Authority.
Extract investigative data as may be requested by stakeholders.
Review drafted RFCs for security control change proposals in the IT business and infrastructure systems and prepare penetration-tests schedules.


Person specifications

For appointment to this job, the candidate must have:


A Bachelor’s Degree in any of the following disciplines: - Computer Science, Information, Communication Technology(ICT), Business Information Technology or relevant and equivalent qualification from a recognized Institution;
Minimum of 3 years relevant work experience.
Membership to a professional body with a valid practicing certificate/license.


Any of the following professional certifications:


CEH, CISSP, ECIH, CFHI, CISM, CISA, MCSE, CCNA
Certification in relevant security tools.


Demonstrate Technical proficiency in the following knowledge areas:-


Security tools such as python, firewalls, IPS, SIEM, SOAR, SQL, RDMS, LINUX.
Relevant legislation.
Analytical skills.