IT Security Specialist

We are hiring an IT Security Specialist to implement and maintain our security systems by preventing unauthorized access to our data and responding to privacy breaches.

JOB GRADE: D1

REPORTS TO: Manager IT Security

DEPARTMENT: Technology and Enterprise Solutions

DUTY STATION: Headquarters

• Conduct compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations.

• Design and implement safety measures and data recovery plans.

• Document systems, processes, and controls using narratives, flow charts, data flow diagrams, etc.

• Understand and communicate the downstream impact on the business of control deficiencies.

• Advise and collaborate on projects by providing IT controls and risk expertise and considerations.

• Analyse IT specifications to assess security risks.

• Install, configure, and upgrade security software and applications.

• Secure networks through firewalls, password protection, and other systems.

• Inspect hardware for vulnerable points of access.

• Monitor network activity to identify issues early and communicate them to IT teams.

• Act on privacy breaches and malware threats.

• Serve as a security expert and conduct trainings when needed.

• Draft security policies and guidelines.

• Complete audit work papers by documenting audit tests and findings.

• Collaborate with control owners to implement process changes and track to completion.

• Implement the IT security strategy.

• Bachelor’s degree in Information Security, Computer Science, IT, or a related field; or equivalent professional experience.

• Industry-recognized security certifications such as Cisco Security (CCNP Security, CCIE Security), OSCP, SSCP, CEH, CISSP, GIAC certifications, Microsoft Azure Security Engineer Associate, Microsoft Certified: Cybersecurity Architect Expert, or similar.

• Minimum of 4 years’ experience in cybersecurity analysis, security engineering, or a similar role.

• Hands-on experience with SIEM platforms, endpoint security, and vulnerability and patch management tools.

• Clear understanding of compliance requirements in financial services or other regulated sectors.

• At least 2 years in a supervisory role will be an added advantage.

• Network and System Security: Demonstrated experience in securing enterprise networks, systems, and endpoints, including firewall configuration, network segmentation, and monitoring.

• Identity and Access Management (IAM): Hands-on experience implementing and managing SSO, MFA, and PAM solutions.

• Vulnerability and Patch Management: Proven ability to identify, prioritize, and close vulnerabilities using automated tools, with a strong understanding of patch lifecycle processes.

• Security Assessments and Penetration Testing: Experience in conducting or coordinating vulnerability assessments, penetration tests, and remediation tracking to ensure system resilience.

• Cloud and Application Security: Experience in securing cloud platforms and applications.

• Security Monitoring and Incident Response: Practical experience using NDR and SIEM tools, threat detection, incident investigation, and forensic analysis.

• Compliance and Risk Management: Working knowledge of ISO 27001, NIST, GDPR, and related frameworks, with the ability to translate compliance into operational controls.

• Analytical and Problem-Solving: Ability to conduct threat intelligence, risk assessments, and provide actionable security insights.

• Communication and Collaboration: Strong skills in explaining security concepts, leading awareness sessions, and coordinating across teams.

• Automation and Innovation: Experience with scripting (Python, PowerShell) and familiarity with Zero Trust architectures and automation in security processes.