Share this Job
Information Security Specialist job at Uganda National Oil Company (UNOC) Limited | Apply Now
Are you looking for Information Technology Jobs in Uganda 2024? If yes, then you might be interested in Information Security Specialist job at Uganda National Oil Company (UNOC) Limited
Uganda
Full-time
Uganda National Oil Company (UNOC) Limited is a limited liability company solely owned by the Government of Uganda (GOU). It was established under Section 42 of the Petroleum (Exploration, Development, and Production) Act and Section 7 of the Petroleum (Refining, Conversion, Transmission and Midstream Storage) Act, both of 2013. It was incorporated under the Companies Act of 2012 as a limited liability company on June 12th, 2015.
Information Security Specialist job at Uganda National Oil Company (UNOC) Limited
Uganda National Oil Company (UNOC) Limited
The Uganda National Oil Company (UNOC) Limited was established under the Petroleum (Exploration, Development and Production) Act and the Petroleum (Refining, Conversion, Transmission and Midstream storage) Act, both of 2013 and incorporated under the Companies' Act, 2012. It is a limited liability company wholly owned by the Government of Uganda. The overall function of UNOC is to handle the State's commercial interests in the Oil and Gas industry and ensure that the resource is exploited in a sustainable manner.
UNOC now invites applications from persons interested to develop their career with a dynamic and results-oriented Company to occupy the following position
Our Vision
To be an innovative and profitable company that operates across the petroleum value chain for the benefit of all Ugandans.
Our Mission
To drive sustainable growth in the oil and gas sector through strategic partnerships and championing national participation
What We Do
Manage the Government’s commercial interests in the petroleum sector and are mandated to ensure that the resource is exploited in a sustainable manner.
Investigate and propose new upstream, midstream, and downstream ventures initially locally and eventually internationally. Develop in depth expertise in the oil and gas sector.
Participate in joint ventures in which it holds an interest on behalf of the State
Security Monitoring: Monitor systems, networks, and applications for security breaches, unauthorized access, and suspicious activities using intrusion detection/prevention systems (IDS/IPS), SIEM tools, and other security technologies.
Incident Response: Respond to security incidents, breaches, and emergencies promptly, following established incident response procedures to contain, investigate, and mitigate security threats and vulnerabilities.
Vulnerability Management: Identify, assess, and prioritize security vulnerabilities in systems, applications, and infrastructure using vulnerability scanning tools and penetration testing techniques. Coordinate remediation efforts with IT teams and vendors.
Security Controls: Implement and maintain security controls, policies, and procedures to protect data, systems, and networks from unauthorized access, malware, and cyber threats. Ensure compliance with security standards, regulations, and industry best practices.
Access Management: Manage user access rights, permissions, and privileges to ensure least privilege access principles are followed, and enforce authentication mechanisms (e.g., multi-factor authentication) to verify user identities.
Security Awareness: Provide security awareness training and education to employees, contractors, and third-party vendors on security policies, procedures, and best practices to promote a culture of security awareness and compliance.
Security Architecture: Design, implement, and maintain security architectures, solutions, and technologies (e.g., firewalls, VPNs, encryption, endpoint security) to protect data in transit and at rest, and secure network perimeters and endpoints.
Risk Assessment: Conduct risk assessments, threat modeling, and security reviews to identify, analyze, and prioritize security risks, and recommend risk mitigation strategies and controls to reduce the organization's exposure to cyber threats.
Security Compliance: Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, PCI DSS), industry standards (e.g., ISO 27001), and contractual obligations related to information security and privacy. Prepare and maintain security documentation and reports for audits and assessments.
Security Research: Stay abreast of emerging threats, vulnerabilities, and security technologies through continuous research, training, and participation in industry forums and information sharing communities. Evaluate and recommend new security solutions and practices to enhance the organization's security posture.
SERVICES
COMMERCIAL
SERVICES
INDUSTRIAL
SERVICES
RESIDENTIAL
SERVICES
COMMERCIAL
SERVICES
INDUSTRIAL
SERVICES
RESIDENTIAL
SERVICES
COMMERCIAL
SERVICES
COMMERCIAL
SERVICES
COMMERCIAL
SERVICES
COMMERCIAL
SERVICES
INDUSTRIAL
SERVICES
RESIDENTIAL
Education: A bachelor's degree in computer science, information technology, cybersecurity, or a related field is typically required. Advanced degrees (e.g., master's or Ph.D.) and industry certifications (e.g., CISSP, CISM, CEH) may be preferred.
Experience: Several years of experience in information security roles, such as security analyst, security engineer, or security consultant, with a demonstrated track record of managing security incidents, implementing security controls, and conducting risk assessments.
Technical Skills: Proficiency in security technologies, tools, and concepts, including network security, endpoint security, cryptography, access control, identity and access management (IAM), and security information and event management (SIEM) systems.
Cybersecurity Knowledge: In-depth understanding of cybersecurity principles, frameworks (e.g., NIST Cybersecurity Framework), and standards (e.g., ISO 27001/27002, CIS Controls), as well as common cyber threats, attack vectors, and security best practices.
Analytical Skills: Strong analytical and problem-solving skills to analyze security incidents, assess risks, and recommend effective security controls and countermeasures to protect against cyber threats and vulnerabilities.
Communication Skills: Excellent written and verbal communication skills to communicate technical information effectively to non-technical stakeholders, prepare security documentation and reports, and collaborate with cross-functional teams.
Attention to Detail: Meticulous attention to detail in security analysis, risk assessment, and security documentation to ensure accuracy, completeness, and compliance with security policies and regulations.
Teamwork: Ability to work collaboratively in cross-functional teams, share knowledge and expertise, and build consensus on security priorities, initiatives, and risk mitigation strategies.
Ethical Conduct: Commitment to ethical conduct, integrity, and confidentiality in handling sensitive information and performing security duties. Adherence to professional codes of conduct and ethical guidelines for information security professionals.
Continuous Learning: Willingness to continuously learn and stay updated on evolving security threats, vulnerabilities, and technologies through training, certifications, and professional development activities. Demonstrated commitment to professional growth and lifelong learning in the field of cybersecurity.
APPLICATION FOR THIS POSITION MUST BE DONE ONLINE:
Are you interested? Click the "APPLY" button below to submit your application.
Related Jobs
.png)
.png)
%20(1).jpg)
