REF: EACC/CSS/ICTO/13
Reporting to the Deputy Director - ICT, the jobholder is responsible for designing, implementing and maintaining the organization's IT security infrastructure to protect information systems, networks and digital assets from threats. The role involves proactive threat detection, incident response, vulnerability management, and ensuring compliance with relevant cybersecurity standards and regulations.
Duties and Responsibilities
Designing, developing and managing enterprise-level cybersecurity solutions and controls to safeguard networks, applications and data;
Conducting regular vulnerability assessments, penetration tests, and risk analyses to identify and remediate security gaps;
Monitoring the security of ICT systems and user operations through effective management of the Network and security operation centres (NOC and SOC);
Collaborating with Software development teams to integrate security-by-design principles and safeguards in all ICT solutions;
Developing, implementing and enforcing security policies, standards and incident response and mitigation plans;
Preparing and submitting regular reports on cybersecurity operations including incident trends, threat intelligence, user behaviour and traffic analyses;
Conducting research and innovation in emerging areas such as blockchain security, DeFI risks and cryptographic advancements to strengthen organisational resilience and support other departments with expert consultancy;
Developing cybersecurity training materials and conducting regular staff awareness sessions to promote a security conscious culture;
Tracking global and sectoral developments in cybersecurity, issuing regular advisories, and driving continuous improvement in security practices; and
Performing other ICT-related duties as assigned to support ICT operations and organisational objectives.
Requirements for Appointment
For appointment as an ICT Officer II - Cybersecurity Engineer, a person must possess the following qualifications:
Minimum of five (5) years of enterprise experience in cyber and/or information security systems implementation and administration;
Bachelor's degree in Computer Science, Information Technology, Electronic Engineering, Telecommunications or an equivalent qualification from a recognised institution;
Professional certifications in network and applications cybersecurity such as CISSP, CISM, CCNP Security, Security+, CISA, CEH, etc.;
Professional certifications in Cisco network design and configurations i.e. CCNA, CCNP; HRM/EXT. ADVERT 2025-26/01
Experience in configuration and administration of Next generation enterprise firewalls (Cisco FTD, Checkpoint, Fortinet, Palo Alto), Network Access Controls (Cisco ISE, FortiNAC), Email Security Systems (Cisco WSA, ESA, Fortimail), Web Application Firewalls (WAF) and enterprise endpoint security solutions;
Strong understanding of networking concepts, protocols, and architectures (TCP/IP, DNS, DHCP, VLANS, routing, etc.);
Knowledge of risk management and disaster recovery processes;
Knowledge of cyber laws and compliance requirements as per enacted laws and industry standards.
Note:
The following will be an added advantage:
Relevant industry standard certifications e.g. ISO 27001, SABSA, TOGAF, ITIL, COBIT, etc.
Cybersecurity expert level certifications such as Checkpoint CCSE, Fortinet NSE7 (enterprise firewall), Palo Alto PCNSE etc.