Fresher Officer ICT Security Job Careers – Uganda Revenue Authority (URA)
Organisation: Uganda Revenue Authority (URA)
Duty Station: Kampala, Uganda
The Uganda Revenue Authority (URA) was established by the Uganda Revenue Authority Statute of 1991 and set up in September of the same year as a central body for assessment and collection of specified revenue, to administer and enforce the laws relating to such revenue and to provide for related matters. This statute incorporated all the laws that were in force then regarding tax collection. The new organization (URA) amalgamated the three tax administration departments that were responsible for all the taxes collected by the Central Government of Uganda.
Job Summary: The Officer ICT Security will mainly implement and maintain ICT security controls to safeguard the Authority’s Information Technology systems and infrastructure against security risks
Key Duties and Responsibilities:
Provide support in the Implementation of aspects of ICT security strategies to preserve the integrity, confidentiality, and availability of URA ICT assets
- Assist in the implementation of the ISO 27001 standard for Information Security Management
- Support the maintenance of the URA Disaster recovery and Business Continuity Plan (BCP)
- Perform security testing, as needed, to verify compliance with information security architecture and policies
- Conduct research on the latest developments in the information security field to improve on IT interventions and submit to the supervisor for further management
Perform security risk assessment to evaluate the effectiveness of the ICT Security controls
- Draft security risk assessments to be conducted and present to the supervisor for review and quality assurance
- Coordinate with the different business units and ICT units to communicate and implement information security risks
- Examine and assess the integrity of the IT system and participate in the audit reviews to identify and mitigate gaps
- Support other business units to incorporate security mechanisms into information technology products during development stages
- Draft risk treatment options identified from IT risk assessment and recommend security control measures
- Assist in developing policy and standards for the backup and archiving of URA’s information to ensure its confidentiality, availability and integrity at all times
Keenly monitor information technology systems to provide visibility into the effectiveness of controls and proactively identify security threats
- Receive and investigate information security incident reports as directed by the line supervisor
- Examine audit logs & system alerts to confirm the occurrence of security incidents and/or violations
- Assess and report any weak spots in ICT security including but not limited to access controls, environmental issues, security of cables, maintenance of equipment, virus control, data handling among others
- Perform market analysis for new information security technology; scan for new products that may enhance the security of URA’s ICT systems and programmes
- Carry out system tuning in order to improve the reliability of information technology security solutions
Carry out investigations into information technology security violations to facilitate decision making
- Participate in the development and review of the ICT security incident management plan
- Conduct information security/confidentiality incident and disciplinary/alleged fraud/misconduct investigations
- Perform malware and advance persistent threat security investigations.
- Coordinate the establishment of the impact of security incidents to URA’s ICT systems and identification of remedies to identified gaps
- Draft the investigation reports and maintain custody for the evidence gathered during the investigations
Conduct information security awareness training programmes in order to reduce exposure to attacks
- Draft the information security awareness program and submit to the line supervisor for review and approval
- Drat the training content/ materials and conduct trainings for all ICT users and administrators
- Develop reports on trainings conducted highlighting the level of staff awareness on IT Security requirements and recommendations for improvements
Qualifications, Skills and Experience:
- The applicants for the Uganda Revenue Authority (URA) Officer ICT Security job opportunities should hold a Bachelor’s Degree in IT, Computer Science from a recognised academic institution.
- A minimum of three of the following Industry Certifications: CISA, CEH, ISO 27001, CCNA, CCDA, CISSP, CSSLP
- HP UX, ITIL Certifications are desirable
- Two years’ experience in network, database management, system development, enterprise security architecture design gained in a complex IT environment
- IP networking protocols like IPSec, PKI, VPN’s, firewalls, proxy services, IDS’s, IPS’s, DNS, email, access lists & internet, web, application and network security techniques.
- ISO 27001 Implementation
- Experience in the development and drafting of information security-related policies and procedures in a similar environment
- Extensive knowledge and understanding of security systems, including firewalls, intrusion detection/prevention systems, anti-virus software, authentication systems, log management.
- Demonstrated understanding and familiarity with common penetration testing methods and standards, as well as an understanding of security issues on both Microsoft and UNIX/LINUX operating systems
- Detailed technical knowledge of application, database and operating system security
- Level of Integrity as per URA standards, should be analytical (have a mind driven by the why),
- A strong sense of responsibility and initiative.
- A strong desire to learn and improve.
- Ability to prioritize and organize tasks carefully and accurately.
- Excellent interpersonal oral and written communication skills.
- Work independently and as part of a team.
- Dedication and commitment to providing continuous service for the advancement of technology.
- Communicate well with all levels of management and company personnel.
- Handle multiple projects and tasks with potentially varying priorities.
- Make decisions and solve problems while working under pressure.
- Innovative problem solving
How to Apply:
All suitably qualified and interested candidates who wish to join URA should apply online at the link below.
Deadline: 16th July 2019 at 11:59pm