Information Security (InfoSec) Specialist

Job-Specific Skills & Responsibilities

The Information Security Specialist is responsible for implementing monitoring and maintaining enterprise information security practices ensuring compliance with organizational standards and mitigating risks across IT systems.

Key Responsibilities

1. Information Security Policies & Procedures

• Support the development maintenance and enforcement of information security plans policies and procedures.
  

• Ensure alignment with national and organizational security frameworks.
  

2. Vulnerability Management

• Partner with system owners to track and remediate identified vulnerabilities.
  

• Conduct assessment research and resolution of security risks.
  

• Maintain vulnerability management tools and frameworks.
  

3. Security Incident Management

• Respond to security incidents and provide post-incident analysis lessons learned and recommendations.
  

• Maintain incident management tools and frameworks.
  

4. Information Security Audit

• Coordinate internal and external audits to validate the effectiveness of security controls.
  

5. IT Risk Management

• Collaborate with GRC specialists to conduct periodic risk assessments.
  

• Update information asset profiles identify vulnerabilities and propose mitigation strategies.
  

6. IT Systems & Applications Support

• Advise and support the design implementation and operation of IT systems in compliance with security standards and guidelines.
  

7. Training & Awareness

• Participate in developing and delivering security training programs and awareness campaigns.
  

8. Additional Responsibilities

• Monitor the information security queue and ensure tickets are resolved on time.
  

• Review and approve IT changes as necessary.
  

• Conduct threat hunting activities to identify and manage potential security threats.
  

• Perform other duties as assigned by the supervisor ensuring high-quality and timely delivery in alignment with organizational policies and objectives.
  

Requirements

Minimum Qualifications

• Bachelors degree in Computer Engineering Computer Science or equivalent.
  

• Relevant IT certifications are an advantage (e.g. CISSP CISA CISM ISO 27001).
  

Minimum Experience

• Minimum 6 years experience in:
  

  • Information Security Policies & Procedures
    

  • Vulnerability Management
    

  • Security Incident Management
    

  • Information Security Audit
    

  • IT Risk Management
    

  • IT Systems & Applications
    

  • Security Training & Awareness
    

• Experience monitoring security queues investigating and resolving tickets within agreed service levels.
  

• Experience reviewing and approving IT changes as required.
  

• Hands-on threat hunting experience across enterprise environments.
  

Submission date: Please submit CVs on or before 02 December 2025.