ICT Security Officer at Petroleum Authority of Uganda
- Company: Petroleum Authority of Uganda
- Location: Uganda
- State: Uganda
- Job type: Full-Time
- Job category: IT/Telecom Jobs in Uganda
Job Description
Background
The Petroleum Authority of Uganda (PAU) is a statutory body established under Section 9 of the Petroleum (Exploration, Development and Production) Act 2013, and in line with the National Oil and Gas Policy for Uganda which was approved in 2008. The mandate of the Petroleum Authority of Uganda is to monitor and regulate the exploration, development and production, together with the refining, gas conversion, transportation and storage of petroleum in Uganda. This includes ensuring that petroleum operations in Uganda are carried out in accordance with the relevant laws, regulations, guidelines, statutes and in line with international best practice for the petroleum industry.
The Petroleum Authority of Uganda now invites applications from qualified Ugandans who fully meet the required job specifications and with the right personal attributes to occupy the following positions in the Authority’s established structure.
PAU/ICTD/083/600: ICT Security Officer
Job Summary
ICT Security Officer will report to the Senior ICT Security. He/she will be responsible for Implementing and maintaining ICT security controls to safeguard the Authority’s Information Technology systems and infrastructure against security risks.
Key Duties And Responsibilities:
• Perform security testing, as needed, to verify compliance with information security architecture and policies.
• Conduct research on the latest developments in the information security field to improve on IT interventions and submit to the supervisor for further management
• Draft security risk assessments to be conducted and present to the supervisor for review and quality assurance
• Coordinate with the different business units and ICT units to communicate and implement information security risks.
• Examine and assess the integrity of the IT system and participate in the audit reviews to identify and mitigate gaps.
• Support other business units to incorporate security mechanisms into information technology products during development stages.
• Draft risk treatment options identified from IT risk assessment and recommend security control measures.
• Assist in developing policy and standards for the backup and archiving of PAU information to ensure its confidentiality, availability and integrity at all times.
• Receive and investigate information security incident reports as directed by the line supervisor
• Examine audit logs & system alerts to confirm the occurrence of security incidents and/or violations
• Assess and report any weak spots in ICT security including but not limited to access controls, environmental issues, security of cables, maintenance of equipment, virus control, data handling among others
• Perform market analysis for new information security technology; scan for new products that may enhance the security of PAU ICT systems and programmes
• Carry out system tuning in order to improve the reliability of information technology security solutions.
• Participate in the development and review of the ICT security incident management plan.
• Conduct information security/confidentiality incident and disciplinary/alleged fraud/misconduct investigations.
• Perform malware and advance persistent threat security investigations.
• Coordinate the establishment of the impact of security incidents to PAU ICT systems and identification of remedies to identified gaps.
• Draft the investigation reports and maintain custody for the evidence gathered during the investigations.
• Draft the information security awareness program and submit to the line supervisor for review and approval.
• Draft the training content/ materials and conduct trainings for all ICT users and administrators
• Develop reports on trainings conducted highlighting the level of staff awareness on IT Security requirements and recommendations for improvements
• Perform any other duties as may be assigned from time to time.
Qualifications, Skills And Experience:
Basic Qualifications
An honors bachelor’s degree in either, Computer Science, Information Technology, Statistics with computing, Computer or Software Engineering from an internationally recognized University or institution.
Experience
• At least (3) years’ working experience in network, database management, system development, system administration, enterprise security architecture design gained from a busy and reputable organization.
Added advantage
• Masters’ Degree in Computer Science, Information Technology, Statistics (Computing option), Software or Computer Engineering or related field from an internationally recognized University or Institution.
Character and Competencies
• Possess excellent project management skills.
• Good communication and interpersonal skills.
• Ability to conduct research into enterprise networking issues and products as required.
• Highly self-motivated and directed, with keen attention to detail.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize tasks in a high-pressure environment.
• Strong customer service orientation.
Method of Application
Submit your CV and Application on Company Website : Click HereClosing Date : 4 Oct. 2021