Job Purpose

To implement and enhance cybersecurity defenses and mitigate threats by leading the technical operations for both the Commission and Sectorial Computer Emergency Response Team (CERT).

Primary Tasks and Responsibilities

Implement developed cybersecurity processes, procedures, guidelines frameworks and strategies to enhance the effectiveness of the Commission Information Security and CERT’s operations.
Implement advanced monitoring tools and techniques to continuously monitor communication networks and systems for signs of security breaches, intrusions, malware infections, or other cyber threats.
Review and submit periodic reports of investigated cybersecurity incidents, information security unit operations, and cyber and threat intelligence as required.
Coordinate the implementation of cybersecurity awareness and capacity-building programs to enhance the Commission and the sector’s ability to identify, prevent, and respond to cyber threats.
Coordinate and support the provision of CERT services to internal and external stakeholders, including the development and implementation of operational plans, budgets, processes, and performance scorecards.
Process all incidents accurately and promptly, ensuring proper classification, prioritization, and escalation when necessary.
Create and sustain a register for the classification of communication and cyber threats.
Provide oversight for on-site and off-site security examinations, offer information security advisory services and expertise to the Commission and external stakeholders, and provide practical assistance in managing information security risks and controls.
Deliver information security consultancy and expertise to internal and external stakeholders, offering practical assistance in managing information security risks and controls.
Manage and review the performance of direct reports, assigning tasks effectively, setting development goals, and ensuring alignment with organisational objectives.
Maintain flexibility to accommodate any other duties assigned by the line supervisor from time to time.
Key Performance Indicators

1. Implemented cybersecurity processes, procedures, guidelines, frameworks, and strategies.

2. Timeliness and accuracy in submitting periodic reports on investigated cybersecurity incidents, Cybersecurity operations, and cyber and threat intelligence.

3. Implemented cybersecurity capacity-building programs.

4. Conducted on-site and off-site security examinations and advisory services.

5. Delivered information security consultancy sessions to internal and external stakeholders.

6. Accuracy and timeliness of incident report submissions.

Education and Professional Qualifications

1. Master’s degree in computer science, data communication, software engineering, ICT, engineering (electronic, telecommunications, computer), cybersecurity/information security, information technology, or a related relevant field.

2. Bachelor’s degree in computer science, cybersecurity/information security, information technology or a related field.

3. Membership in a relevant information/cyber security professional body or possession of a professional certification in information security/cybersecurity fields.

Working Experience

A minimum of four (4) years of progressive experience in Information Security/Cybersecurity in a Corporate environment and a minimum of one year’s experience in a supervisory role.

Skills, Knowledge and Abilities

Technical

· Profound knowledge and expertise in information security/cybersecurity, including log aggregation, visualisation, Automation and digital forensics.

· Strong understanding of legal and regulatory requirements related to incident handling.

· Familiarity with network protocols, intrusion detection systems, and log analysis.

· Knowledge of ethics concerning cybersecurity and privacy, and CERT operations.

Behavioural

· Strong analytical skills.

· Effective communication abilities.

· Capacity for teamwork and collaboration.

***Deadline: 02/21/2025***