Job Description

 Information Security Specialist

Number of position: One

Duty Station: Addis Ababa (ICAP HO)

Job Summary: The Information Security Specialist is responsible for consulting health institutions, including (health facilities, the Ethiopian Public Health Institute (EPHI) and the Regional Health Bureaus (RHBs) on prevention and mitigation of security breaches that may arise within computer systems. The Information Security Specialist is also responsible for analyzing health information system software designs and implementations from the security perspective. S/he will assist in identifying and applying defense and counter measures to ensure the use of robust and reliable software and overall information security in SI Project implementation.

Information Security Specialist Job Responsibilities

Under the direct supervision of the IT Deployment Team Leader, the incumbent will:

• Analyze existing security systems and make recommendations for changes or improvements
• Organize and conduct tests and “ethical hacks” of the existing security architecture
• Monitor the network and provide early warning of abnormalities or problems
• Upgrade systems regularly to remain competitive in the field of security
• Perform regular security audits and inspection for vulnerability and provide reports
• Track existing processes, both ICT Infrastructure and Software Development and offer solutions for improvement
• Design and implement safety measures and data recovery plans
• Design, install, configure, upgrade Security Systems both hardware and software
• Take appropriate measures on privacy breaches and malware threats
• Draft security policies and guidelines and conduct trainings when needed
• Help define consistent Secure Software Development Lifecycle practices for all development activities throughout the planning and delivery cycles to ensure that application security risks are mitigated
• Improve secure coding practices, application security requirements, automation, training, and metrics
• Integrate threat modeling practices into the Software Development Lifecycle
• Help build secure products and standards around emerging technologies and using existing standards and security practices
• Maintain active understanding of industry practices for secure software development and incident response, and
• Undertake other relevant activities as assigned by the immediate supervisor or the Project Director

Job Requirements

Qualifications and experience

• BSc in Computer Science, Information Technology or a related field; MSc and professional certification (e.g. CompTIA Security+, CISSP) is a plus
• Five years of experience as a System Security Expert or similar role
• Certification, such as CCNA or OWSE
• Knowledge of potential attack vectors such as XSS, injection, hijacking, social engineering, and so on
• Knowledge of networking protocols, such as TCP/IP and experience with HTTP and HTTPS, as well as their underlying implementations
• Knowledge of Content Delivery Networks 
• Excellent understanding of web applications, web servers, and layer 7 application technologies, frameworks and protocols with respect to application development and deployment
• Well versed in web application design, penetration testing, application risk assessment and risk categorization
• Programming skills are preferred (e.g. knowledge of Java / C# / C++, JavaScript and HTML, PHP languages)
• Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies
• Knowledge of patch management, firewalls and intrusion detection/prevention systems, and
• Familiarity with public key infrastructure (PKI) and cryptographic protocols (e.g. SSL/ TLS)

How to Apply

Only online applications are received

Click here to apply

https://icapacity.icap.columbia.edu/en-us/job/493338/information-security-specialist

NB – Please note that only shortlisted applicants will be contacted.

Closing date for receiving applications is – October 13, 2020