Job Title: Information Security Officer
Organization: National Social Security Fund (NSSF)
Duty Station: Kampala, Uganda
Reports to: Operational Risk Manager
About US:
The National Social Security Fund (NSSF) is a Provident Fund mandated to provide social security to its members as prescribed by law under CAP 222 (Laws of Uganda) through efficient management of members’ contributions. The NSSF asset base is currently over Ugx. 9.8 trillion, making the Fund one of the largest players in Uganda’s economy.
Job Summary: The Information Security Officer will be responsible for monitoring information systems to identify risk exposures and making appropriate recommendations for risk mitigation.
Key Duties and Responsibilities:
- Review and analyze the Fund’s IT strategies to ensure there are sufficient control safeguards against potential attacks (internal/external)
- Review and assess inherent risks within new processes and systems
- Monitor system security settings, identify and report breaches with recommendations
- Review proposed system changes, identify potential risks and recommend appropriate measures
- To undertake regular system vulnerability assessment to identify areas of security weakness and provide the necessary advice
- Review and assess adequacy and effectiveness of disaster recovery procedures and make relevant recommendations for improvements
- To coordinate IT Control Self-Assessment (CSA)
- Undertake sensitization/training of staff on information security risk control
- Monitor compliance with information security policies & procedures
- Review the information security policies and procedures to ensure that they are relevant to the current developments in information technology
- Monitor developments in the environment & identify potential risk exposures to the Fund
- Develop appropriate tools for monitoring information security exposures
- a
Qualifications, Skills and Experience:
- The applicant for the National Security Social Fund (NSSF) Information Security Officer job placement must hold a Bachelor’s degree in information technology/ computer science and a professional qualification e.g. CISA, CISSP
- Three years of hands-on technical experience in dealing with information security
- The applicant must be analytical and pay attention to details.
- Must have a deep understanding of computer systems configuration and applications Skills and abilities:
- Ability to provide appropriate advice/ recommendation to control risks
- Creativity and innovation to be able to identify risks and to determine new solutions for handling changing information security risks
- Ability to anticipate what can go wrong/potential risks
- Excellent interpersonal skills
- Written (reports, presentation etc.) and oral communication skills
- Ability to work in teams
How to Apply:
All suitably qualified and interested candidates should send their applications enclosing detailed curriculum vitae giving three references, copies of academic and professional certificates, postal address and daytime telephone contact to: recruitment@nssfug.org For the attention of; The Head of Human Resources & Administration National Social Security Fund
Deadline: 16th November 2018 by 5:00pm