Jobs

Information Security Specialist Job – National Social Security Fund (NSSF)

Job Title:  Information Security Specialist

Organisation: National Social Security Fund (NSSF)

Duty Station:  Kampala, Uganda

Reports to: Information Security Manager

About US:

National Social Security Fund (NSSF) is positioning itself as the Social Security Provider of Choice in Uganda. With our shared purpose of being the Social Security Provider of choice, providing exceptional customer service and better operations with a well-motivated and skilled workforce, we are looking to recruit persons with high integrity and dedication to work with us.

Job Summary:  The Information Security Specialist will identify, assess, and make recommendations to manage and mitigate the organization’s Information Security risks.

Also Read: Data Entry Clerk Job – Uganda Business and Technical Examinations Board (UBTEB)

Key Duties and Responsibilities:

  • Implement information security and privacy policies, standards and procedures to protect the Fund from internal and external threats
  • Review and assess information security risks within new and existing systems, processes, policies and procedures and recommend relevant controls.
  • Conduct continuous vulnerability assessments and regular penetration tests on the Fund’s systems.
  • Create a culture of security awareness by undertaking sensitization/training of staff on information security and privacy risks and control.
  • Work with all critical process and system owners to ensure security and data privacy controls are considered at the outset of new projects, products and initiatives.
  • Administer information security monitoring systems for incident detection, response, risk mitigation and threat management.
  • Implement identity management and access control strategies, policies, procedures, standards, and guidelines.
  • Create, revoke and manage identities/access for personnel, service accounts, applications, devices etc.
  • Control and monitor access to the Fund’s information assets to identify unauthorized access and potentially malicious activities.
  • Conduct regular user access reviews in collaboration with system, process and data owners. Conduct periodic audit log reviews and report any unusual or suspicious activities.
  • Work with system and process owners to develop, implement and maintain access control lists and matrices.
  • Configure, implement, and manage identity management and access control technologies and tools.
  • Establish, administer, and monitor privileged user accounts in accordance with a role-based access scheme.
  • Support the Data Protection Officer in conducting data privacy impact assessments.
  • Ensure that the IT infrastructure and systems are configured with appropriate technical controls to safeguard them against malicious attacks.
  • Monitor compliance with information security policies, guidelines and standards and applicable laws and regulations.

Qualifications, Skills and Experience:

  • The applicant must hold a Bachelor’s degree in Information Systems, Information Technology, Computer Science, Software Engineering or a related field.
  • Professional qualifications CEH, CISA or related certifications
  • At least three years of experience in conducting IT risk or information security responsibilities in a substantial organization.
  • Experience in administering information security tools, identity management and access control systems is an added advantage.
  • Strong understanding of information security risk, controls and principles
  • Sound knowledge of information security technologies e.g., WAF, NAC, SIEM, DLP, IAM, EDR
  • Understanding of Cloud technologies and the associated risks
  • Knowledge of networking protocols
  • Strong analytical, decision-making and problem-solving skills
  • Ability to explain complex security issues to non-technical stakeholders
  • Positive attitude towards learning and development
  • Ability to work with critical deadlines and prioritize workload effectively.
  • Knowledge of the Data Protection and Privacy Act and applicable regulations, National Information Security Framework, ISO 27001, NIST standards etc.

How to Apply:

All Interested individuals should Click Here to fill out the application form and also send copies of their application letter, curriculum vitae and academic qualifications, addressed to the Chief of People and Culture to recruitment@nssfug.org

Women are encouraged to apply. Please note that canvassing or lobbying will lead to the automatic disqualification of the candidate.

Deadline: 14th December 2022

Miiro Allan

I am a team player who is committed to learning, excellence, ethics and people, also an excellent communicator with great interest in technology innovations, branding and communications for Business and passion for community service and positive change.

Recent Posts

Uganda Launches TVET Reforms to Boost Employment

The Ugandan government has introduced reforms in the Technical and Vocational Education and Training (TVET)…

2 weeks ago

Mbarara University Holds 31st Graduation, Welcomes New Vice Chancellor

Mbarara University of Science and Technology (MUST) held its 31st graduation ceremony on 19th October…

2 weeks ago

Love Languages Unpacked: How to Communicate Love in Ways That Truly Resonate

Discover the five love languages and learn how to communicate love effectively in your relationships.…

2 weeks ago

Uganda, India Discuss Operationalisation of National Forensic Sciences University in Jinja

The Chief of Defence Forces (CDF), Gen. Muhoozi Kainerugaba, met with Indian High Commissioner to…

3 weeks ago

Ndejje University Graduates 1,067 at 26th Ceremony, Urged to Be Innovators

Ndejje University held its 26th graduation ceremony on October 11, 2024, at the main campus…

3 weeks ago

Makerere Launches ‘Safer Campuses Campaign’ to Combat Gender-Based Violence

Makerere University has launched the "Safer Campuses Campaign," a multi-university initiative aimed at tackling Gender-Based…

3 weeks ago

This website uses cookies.