ASA Microfinance Tanzania Limited, incorporated under the Companies Act 2002 (No. 93819) of Tanzania and an affiliate of ASA International (www.asa-international.com), one of the largest microfinance companies in the world. We are hereby inviting qualified citizens of Tanzania to be part of our team for the following positions. ASA Tanzania is an equal opportunity employer who requires dynamic, loyal and committed young men and women who have passion for people’s socio-economic development to fill in the following positions for immediate appointment.

Position: Information Security Engineer (ISE) – 01 Post

Job Responsibilities:

• Work as a core member of Security Operation Center (SOC) and monitor and continuously optimize and maintain the configuration of security tools and ensure data feeds are continually available and trustworthy.
• Provide dedicated monitoring and analysis of cyber security events using a variety of tools and techniques to investigate, navigate, correlate and understand security incidents to Incident response (IR).
• Analyze and detect security threats using threat intelligence-based detection, user and attacker behavior analysis.
• Data mining of log sources to uncover and investigate the anomalous activity, along with related items of interest. Tuning of rules, filters, data feeds and policies for detection-related security technologies to improve accuracy and visibility.
• Processes security incident communications to include initial reporting, follow-ups, requests for information and resolution activity. Provide threat and vulnerability analysis as well as security advisory services.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Create a program development plan that includes security gap assessments, policies, procedures, standards, training and tabletop testing.
• Collaborating with management and the IT department to improve security.
• Documenting any security breaches and assessing their damage.

Academic Qualifications & Experience Requirements:

• BSc/MSc degree in Computer Science, Information Security, Cyber Security, or IT related fields is required.
• Professional Information Security Certification like CEH. ECSA, LPT, OSCP, CCNA Security, CompTIA Security* will be preferable.
• Minimum 3/5 years of Working experience in Information Security on incident monitoring and detection.
• Solid knowledge of various information security frameworks.
• Technical knowledge on Security Information and Event Management (SIEM), SQL, TCP/IP, computer networking, routing and switching, Programming languages, IDS/IPS, penetration and vulnerability testing, Forensics, Firewall and intrusion detection/prevention protocols, Windows, UNIX and Linux operating systems, Network protocols and packet analysis tools, Next-Gen AV, DLP, Email, Storage, Syslog, Windows Server, Identity Access Management.
• Prior experience detecting, analyzing, and/or responding to security incidents.
• Understanding of common security threats, attack vectors, vulnerabilities and exploits.
• Excellent oral and written communication skills.
• Excellent analytical and problem-solving skills. Self-starter, Works well in a team environment and independently and adjust to changing priorities, critical and strategic thinker, negotiator and consensus builder.
• Excellent interpersonal and organizational skills.

Renumeration: Attractive salary package will be offered relating to competencies and experiences.

General Requirements for Applicants of All Posts.

• Application Letter.
• Curriculum Vitae enclosing details of Work experience, skills and with postal and telephone contacts of Three Referees.
• One passport size photograph attached in CV.