System Security Officer

Job Competencies

• Technical depth Solid grounding in ICT security principles, standards, and frameworks (e.g. ISO 27001, NIST CSF).
  
• Systems knowledge Familiarity with database management systems, network security technologies, and security assessment tools.
  
• Analytical thinking Strong ability to assess complex security risks, analyse incidents, and translate findings into actionable recommendations.
  
• AI & emerging technology awareness Understanding of AI-related security risks including adversarial attacks, data poisoning, and model misuse as well as the use of AI-driven security tools for anomaly detection, threat intelligence, and automated incident response.
  
• Communication & collaboration Effective interpersonal skills to work across functions and educate staff on security best practices.
  
• Professionalism High attention to detail, ability to work both independently and in team settings, with a consistent commitment to delivering results.
  
• Adaptability Demonstrated willingness to keep pace with the evolving ICT security landscape and rapidly adopt new technologies.
  

• Implementing ICT security policies, procedures, and protocols to safeguard the SACCO's
  
• information assets, including databases, networks, and applications.
  
• Support deployment and ongoing maintenance of security controls and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), and access control mechanisms to mitigate system security risks.
  
• Conducting security assessments, vulnerability scans, and penetration tests to identify and remediate security gaps in the SACCO's ICT environment.
  
• Provide technical support for monitoring security incidents and breaches investigating root causes, and implementing incident response procedures as necessary.
  
• Monitor for security incidents and breaches, lead root-cause investigations, and execute incident response procedures in a timely and effective manner.
  
• Participate in the implementation of data encryption, backup, and recovery mechanisms to protect sensitive information and ensure business continuity.
  
• Stay updated on ICT security trends, emerging threats, and best practices, contributing to the enhancement of the SACCO's security posture.
  
• Conduct system administration functions from time to time which includes; managing system infrastructure, supporting users, safeguarding data, and maintaining system performance.