Job Description
Duties and Responsibilities
- To lead the ICT team and advise them on the remediation of security vulnerabilities.
- To perform audit and security compliance checks, including network penetration testing, vulnerability scans, and other configuration analysis.
- To hunt cybersecurity threats and mitigate them before they compromise the organization.
- To implement appropriate security tools and systems to uncover potential threats before they turn into attacks.
- To develop cyber threat models and security risk assessments and recommend mitigations and countermeasures to address risks, vulnerabilities, and threats.
- To conduct malware monitoring, analysis, and reverse engineering.
- To perform information security incident handling and digital forensic investigations.
- To analyze network traffic for intrusions and cyberattacks in both perimeter and internal networks.
- To monitor and analyze events and alerts from a wide array of security devices and systems (SIEMs, firewalls, IDS/IPS, WIPS, systems, networks, anti-virus, etc.).
- To administer the Security Incident and Event Management system (SIEM) and ensure all mission-critical systems are well integrated.
- To take part in the software development lifecycle and uncover potential flaws before and after deployment.
- To formulate and review IT security controls following best practice benchmarks for applications, operating systems, network devices, storage, databases, and endpoints.
- To implement cyber controls as stipulated in the policies and procedures.
- To perform cybercrime incident coordination, analysis, and response in collaboration with the authorities and the internal fraud unit.
- To assess and document the damage caused by security breaches and report to all stakeholders.
- To prepare security alerts and warnings to the users and interested parties.
- To maintain technical knowledge by attending educational workshops and reviewing publications.
- To perform any other related information security duties assigned from time to time.
- To be part of the team, support security initiatives through predictive and reactive analysis and articulate emerging trends to management and staff.
Qualifications and Experience
- Bachelor's degree in Information Technology, Computer Science, Computer Engineering, Computer Security, Software Engineering or an equivalent degree from a recognized institution.
- Knowledge of industry ICT Security Management System, cyber security regulatory frameworks and best practices.
- Knowledge of ICT Risk Management, Networking, System Administration, Programming and Database Administration.
- Knowledge of SOC and NOC operations, threat vectors and basic mitigation controls such as IPS, IDS, WAF.
- Demonstrated proficiency in using various open-source and proprietary cyber security tools.
- Certification in the ICT security field such as CEH, CIH, ECSA, LPT, CISA, CISSP, CISM, OCSP and CSX-CP will be an added advantage.
Address
A signed application letter should be written either in Swahili or English and addressed to
Secretary, President's Office,
Public Service Recruitment Secretariat,
P.O. Box 2320,
Mahakama Street, Tambukareli Area, Dodoma