Job Purpose
To monitor and protect the organization’s IT system from threats to security, establish protocols for identifying and neutralizing threats, and maintain updated anti-virus software to block threats.
Job Responsibilities
1) Company Support
- Assess and mitigate system security risks; determine and analyze security requirements for implementation and testing.
- Review and continuously monitor implemented security controls.
- Create and maintain security checklists, templates and other tools to aid in the Assessment and Authorization process.
- Perform security control assessment using security and privacy control guidance and as per continuous monitoring requirements.
- Perform risk analyses to determine and recommend essential safeguards.
- Proactively mitigate system vulnerabilities and recommend compensating controls.
- Implement controls to mitigate vulnerabilities and other security recommendations by internal & external auditors.
- Prepare security authorization packages in accordance with the contractual requirements.
- Develop core documents such as System Security Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
- Maintain Plan of Action and Milestones and support remediation activities.
- Conduct independent scans of applications, networks and databases, and vulnerability assessments as applicable.
2) Governance, risk and compliance
- Proactively identify, resolve and/or escalate potential security and other relevant risks.
3) Effective teamwork, self-management and alignment with company values
Requirements:
Qualifications & Experience
- ECZ certified Grade 12 School Certificate
- Bachelor’s degree in Computer Science, Information Technology, Cyber Security or related field (Certified by ZAQA)
- 3+ years’ experience working as an Information Assurance Analyst for an information technology, information assurance, or information management organization or program
- Familiar with Continuous Monitoring
- One or more of the following certifications:
o CompTIA Security+
o CPTE – Certified Penetration Testing Engineer
o CEH – Certified Ethical Hacker
- Excellent communication skills
- Fluent in English, with good grammar and communication
- Ability to influence stakeholders in the execution of security and compliance requirements
- Knowledge of security countermeasures
- Experience as a Security consultant in Risk and Compliance
- Experience in working with security management including information governance and compliance
- Good understanding of Assurance Practices and Risk Management, with hands-on experience
- Experience with security processes and standards
- Knowledge of security audit and accreditation processes
- Ability to interpret requests for proposal and respond to security and compliance requirements
Interested applicants who meet the job requirements should e-mail their CVs to recruitment@mfz.co.zm. Only shortlisted candidates will be contacted. Be sure to include the job applied for in the subject field.