Information Security (InfoSec) Specialist

Job Description

Job-Specific Skills & Responsibilities

The Information Security Specialist is responsible for implementing, monitoring, and maintaining enterprise information security practices, ensuring compliance with organizational standards and mitigating risks across IT systems.

Key Responsibilities

1. Information Security Policies & Procedures

Support the development, maintenance, and enforcement of information security plans, policies, and procedures.

Ensure alignment with national and organizational security frameworks.

2. Vulnerability Management

Partner with system owners to track and remediate identified vulnerabilities.

Conduct assessment, research, and resolution of security risks.

Maintain vulnerability management tools and frameworks.

3. Security Incident Management

Respond to security incidents and provide post-incident analysis, lessons learned, and recommendations.

Maintain incident management tools and frameworks.

4. Information Security Audit

Coordinate internal and external audits to validate the effectiveness of security controls.

5. IT Risk Management

Collaborate with GRC specialists to conduct periodic risk assessments.

Update information asset profiles, identify vulnerabilities, and propose mitigation strategies.

6. IT Systems & Applications Support

Advise and support the design, implementation, and operation of IT systems in compliance with security standards and guidelines.

7. Training & Awareness

Participate in developing and delivering security training programs and awareness campaigns.

8. Additional Responsibilities

Monitor the information security queue and ensure tickets are resolved on time.

Review and approve IT changes as necessary.

Conduct threat hunting activities to identify and manage potential security threats.

Perform other duties as assigned by the supervisor, ensuring high-quality and timely delivery in alignment with organizational policies and objectives.

Requirements

Minimum Qualifications

Bachelor’s degree in Computer Engineering, Computer Science, or equivalent.

Relevant IT certifications are an advantage (e.g., CISSP, CISA, CISM, ISO 27001).

Minimum Experience

Minimum 6+ years’ experience in :

Information Security Policies & Procedures

Vulnerability Management

Security Incident Management

Information Security Audit

IT Risk Management

IT Systems & Applications

Security Training & Awareness

Experience monitoring security queues, investigating and resolving tickets within agreed service levels.

Experience reviewing and approving IT changes as required.

Hands-on threat hunting experience across enterprise environments.

Submission date : Please submit CV's on or before 02 December 2025.