Requirements
a) Bachelor’s degree (Hons) in Information Technology, Computer Science, Information
Systems, Software Engineering or Computer Engineering from a recognized
university.
b) A post graduate diploma in related field is an added advantage.
c) Certified Information Systems Security Professional (CISSP)
d) Certified Information Security Manager (CISM)
e) A minimum of 6 years working experience in IT practice in a busy organisation.
f) At least 3 years work experience in IT Security Management.
g) Demonstrable experience in conducting IT security investigations, vulnerability
assessments, security operations, incident management.
h) Demonstrable experience with Microsoft 365, active directory, and related
technology
i) Experience in IT security solutions architecting and hands-on implementation of
security technologies.
j) Experience in coding
k) Ability to influence ICT behaviour across an entire organisation (to raise ICT security
consciousness).
Skills and Competencies
a) Knowledge of ITIL practices
b) IT Risk Mapping, Assessment. Monitoring
c) Disaster and Recovery Planning
d) IT Incident Management
e) IT Security Management
f) IT Audit and Investigation
g) Analysis and Problem Solving
h) Stakeholder Management
1. Develop and implement the IT Security development plan.
2. Provide support in the review of the functionality of UNOC’s perimeter and internal
protection technologies and processes that include threat intelligence, intrusion
detection and prevention, incident management, security operations management,
and vulnerability assessment.
3. Establish system controls by developing frameworks for controls and levels of access,
recommending improvements.
4. Ensure authorized access by investigating improper access; revoking access;
reporting violations; monitoring information requests by new programming and
recommending improvements.
5. Establish computer and terminal physical security by developing standards, policies,
and procedures, coordinating with facilities security, and recommending
improvements.
6. Safeguard computer files by performing regular backups, developing procedures for
source code management and disaster preparedness, and recommending
improvements.
7. Develop security awareness by providing orientation, educational programs, and ongoing communication.
8. Perform risk assessments and testing of data processing systems.
9. Provide support in the implementation of a pre-defined Secure Software
Development Lifecycle practice for all Company technology projects throughout the
planning and delivery cycles.
10. Collaborate with application and database team to achieve Information Security
software security program objectives.
11. Develop and apply the internet restriction security measures.
12. Conduct industry research to identify associated infrastructure needs (e.g. network
to monitor field operations and production, radio frequency…) and IT support for
E&P software (e.g. field management software)
13. Any other duties as may be assigned.