Job Purpose
To monitor and protect the organization’s IT system from threats to security, establish protocols for identifying and neutralizing threats, and maintain updated anti-virus software to block threats.
Job Responsibilities
1) Company Support
Assess and mitigate system security risks; determine and analyze security requirements for implementation and testing.
Review and continuously monitor implemented security controls.
Create and maintain security checklists, templates and other tools to aid in the Assessment and Authorization process.
Perform security control assessment using security and privacy control guidance and as per continuous monitoring requirements.
Perform risk analyses to determine and recommend essential safeguards.
Proactively mitigate system vulnerabilities and recommend compensating controls.
Implement controls to mitigate vulnerabilities and other security recommendations by internal & external auditors.
Prepare security authorization packages in accordance with the contractual requirements.
Develop core documents such as System Security Plan, Incident Response Plan, Standard Operating Procedures, Plan of Action and Milestones, Remediation Plans, Configuration Management Plan, etc.
Maintain Plan of Action and Milestones and support remediation activities.
Conduct independent scans of applications, networks and databases, and vulnerability assessments, as applicable.
2) Governance, risk and compliance
Proactively identify, resolve and/or escalate potential security and other relevant risks.
3) Effective teamwork, self-management and alignment with company values
Requirements:
Qualifications & Experience
ECZ certified Grade 12 School Certificate
Bachelor’s degree in Computer Science, Information Technology, Cyber Security or related field (Certified by ZAQA)
3+ years’ experience working as an Information Assurance Analyst for an information technology, information assurance, or information management organization or program
Familiar with Continuous Monitoring
One or more of the following certifications:
o CompTIA Security+
o CPTE – Certified Penetration Testing Engineer
o CEH – Certified Ethical Hacker
Excellent communication skills
Fluent in English, grammar and communication
Ability to influence stakeholders in the execution of security and compliance requirements
Knowledge of security countermeasures
Experience as a Security consultant in Risk and Compliance
Experience in working with security management including information governance and compliance
Good understanding of Assurance Practices and Risk Management, with hands-on experience
Experience of security processes and standards
Knowledge of security audit and accreditation processes
Ability to interpret requests for proposal and respond to security and compliance requirements
Interested applicants who meet the job requirements should e-mail their CVs to recruitment@mfz.co.zm. Only shortlisted candidates will be contacted. Be sure to include the job applied for in the subject field.