Job Title: Officer ICT Security – URA Jobs 2021

Organization: Uganda Revenue Authority (URA)

Job Location: Kampala

 

 

Uganda Revenue Authority (URA) Profile:

The Uganda Revenue Authority is a government revenue collection agency established by the Parliament of Uganda. Operating under the Ministry of Finance, Planning and Economic Development, the URA is responsible for enforcing, assessing, collecting, and accounting for the various taxes imposed in Uganda.

 

 

Job Profile:

Implement and maintain ICT security controls to safeguard the Authority’s Information Technology systems and infrastructure against security risks.

 

 

Roles and Responsibilities:

1. Participate in the design & building of the URA’s information security architecture in support of the URA’s mission

a)    Engage key stakeholders to elicit security requirements adequate to provide assurance of security

b)   Evaluate the efficacy of existing security controls & provide expert advisory services in this regard

c)    Carry out threat modelling and security reviews for Software Development projects

d)   Assist in developing information security policies, standards & guidelines

e)    Provide input into the development of URA’s IT Security Strategy

 

2. Support & maintain Information security solutions to ensure their continued efficacy

a) Test, deploy, maintain, review and administer the infrastructure hardware and software that are required to effectively manage network defenses.

b) Install, config, troubleshoot and maintain server security configurations to ensure their confidentiality, integrity, and availability.

c) Work with other teams to ensure good security practice is followed during deployments

3. Identify, analyse and mitigate threats to URA’s IT Infrastructure

a) Carry out vulnerability assessments & penetration testing to establish the effectiveness of internal controls

b) Use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.

c) Analyze digital evidence and investigate security incidents to derive useful information in support of system/network vulnerability mitigation and investigations.

d) Keep abreast with emerging industry security threats that could potentially impact URA’s IT Infrastructure & work towards strengthening URA’s security posture

4. Facilitate information security awareness programs

a) Provide input into the security awareness content

b) Conduct security awareness training using various channels

c) Conduct phishing assessments and other testing to ascertain level of awareness among different categories of staff.

 

 

Minimum Qualifications for URA Jobs 2021: 

Essential Requirements

a) An honors Bachelor’s Degree in IT/Computer Science or related technical science degree from a recognised University.

b) At least 2 years’ experience in security, network administration, software development role gained in a complex IT environment

Desirable Requirements

a) Information Security Certification Such as; CISSP, CSSLP, CEH, Security+, Any GIAC, OSCP, CCSA, CCNA or other Vendor Specific InfoSec Certification

b) Certification in ITIL, LPI

c) Experience in managing Web or Network Firewalls

d) Experience in threat Modelling & Secure SDLC

e) Experience in maintenance of Network Infrastructure

f) Experience in penetration testing & vulnerability assessments of network, web or mobile platforms

g) Experience in digital forensics & incident response

h) Experience in installing & Securing Server Infrastructure

Knowledge

  1. Knowledge of cyber threat actor categories
  2. Knowledge of system administration, network, and operating system hardening techniques.
  3. Knowledge of cyber-attack stages
  4. Knowledge of computer networking concepts and protocols, and network security methodologies.
  5. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
  6. Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  7. Knowledge of OSI model and underlying network protocols
  8. Knowledge of penetration testing principles, tools, and techniques.
  9. Knowledge of Application Security Risks
  10. Knowledge of prevalent cyber threats, tactics, techniques and procedures
  11. Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  12. Knowledge of how traffic flows across the network
  13. Knowledge of basic system, network, and OS hardening techniques.
  14. Knowledge of network tools (e.g., ping, traceroute, nslookup)
  15. Knowledge of operating system command-line tools.
  16. Knowledge of Security Service Management Frameworks & methodologies ( ISO 27001, ITIL4, DevSecOps )
  17. Knowledge of concepts and practices of processing digital forensic data.
  18. Knowledge of installation, integration, and optimization of system components.
  19. Knowledge of Interpreted & compiled computer languages

SPECIAL SKILLS AND ATTRIBUTES

a) Skill in applying security controls.

b) Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).

c) Skill in performing packet-level analysis.

d) Skill in technical writing.

e) Skill in writing about facts and ideas in a clear, convincing, and organized manner.

f) Ability to prepare and deliver education and awareness briefings to ensure that systems, network, and data users are aware of and adhere to systems security policies and procedures.

g) Ability to answer questions in a clear and concise manner.

h) Ability to ask clarifying questions.

i) Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

j) Ability to communicate effectively when writing.

k) Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.

l) Ability to operate common network tools (e.g., ping, traceroute, nslookup)

m) Ability to execute OS command line (e.g., ipconfig, netstat, dir, powershell)

 

 

How To Apply for URA Jobs 2021

All interested and suitably qualified candidates should submit their applications through the link below.

Click here to apply

Deadline: 1st May 2021

 

 

For similar Jobs in Uganda today and great Uganda jobs, please remember to subscribe using the form below:

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

NOTE:

No employer should ask you for money in return for advancement in the recruitment process or for being offered a position. Please contact Fresher Jobs Uganda if it ever happens with any of the jobs that we advertise.

 


Discover more from Fresher Jobs Uganda

Subscribe to get the latest posts sent to your email.

By FRESHER JOBS UGANDA

You just have to keep trying. Keep at it and do not draw back.

Incase you have any inquiry, let us know by commenting here.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Fresher Jobs Uganda

Subscribe now to keep reading and get access to the full archive.

Continue reading