Information Security Officer Job Opportunity at ASA Microfinance

Information Security Officer Job Opportunity at ASA Microfinance

Information Security Officer 

ASA Microfinance

ASA Microfinance Tanzania Limited (ASAMTL) Job Openings – February 2025
ASA Microfinance Tanzania Limited (ASAMTL) is a subsidiary of ASA International, one of the world’s largest and fastest-growing international microfinance banking institutions in Asia and Africa (“ASA International” or the “Group”). ASA International promotes financial inclusion and has successfully shown that access to financial services helps to reduce poverty and promotes socioeconomic progress for its predominantly female client base. The company operates in Tanzania with a focus on empowering low-income individuals, particularly women, by providing them with access to affordable financial services. ASAMTL is looking for highly motivated and competitive individuals to fill the below positions.

Information Security Officer – 01 Post

Job Description:

The Information Security Officer will be responsible for identifying and mitigating IT risks, responding to observations identified by third-party auditors or examiners, and assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture. The role requires a dynamic individual with a deep understanding of both microfinance operations and technological innovations.

Main Responsibilities:

Serve as a core member of the Security Operation Centre (SOC), monitoring and optimizing security tools to ensure data integrity.
Conduct dedicated monitoring and analysis of cybersecurity events using various tools to investigate and understand security incidents, leading to effective incident response (IR).
Analyze and detect security threats through threat intelligence-based detection and behavior analysis.
Perform data mining of log sources to uncover and investigate anomalous activities, tuning rules, filters, and policies to enhance detection accuracy and visibility.
Manage security incident communications, including initial reporting, follow-ups, and resolution activities.
Provide threat and vulnerability analysis, along with security advisory services.
Analyze and respond to undisclosed software and hardware vulnerabilities.
Investigate, document, and report on information security issues and emerging trends.
Develop a program plan that includes security gap assessments, policies, procedures, standards, training, certification, and testing.
Collaborate with management and the IT department to enhance security measures.
Document any security breaches and assess their impact.

Knowledge, Skills, and Abilities:

BSc/MSc degree in Computer Science, Information Security, Cyber Security, or related IT fields.
Professional Information Security Certifications such as CEH, CCNA Security, or CompTIA Security+ are preferable.
Certification as ISO/IEC 27001 Lead Implementer is a MUST.
Minimum of 3 to 5 years of experience in Information Security, focusing on incident monitoring and detection.
Solid knowledge of various information security frameworks.
Technical expertise in areas including Security Information and Event Management (SIEM), SQL, TCP/IP, networking, programming languages, IDS/IPS, penetration and vulnerability testing, forensics, firewall and intrusion detection/prevention protocols, operating systems (Windows, UNIX, Linux), network protocols, packet analysis tools, Next-Gen AV, DLP, email, storage, syslog, Windows Server, and Identity Access Management.
Prior experience in detecting, analyzing, and responding to security incidents.
Understanding of common security threats, attack vectors, vulnerabilities, and exploits.
Excellent oral and written communication skills.
Strong analytical and problem-solving abilities.
Self-starter who works well both independently and in a team environment, with the ability to adapt to changing priorities.
Excellent interpersonal and organizational skills.

General Requirements for Applicants of All Posts:

Application Letter.

Curriculum Vitae enclosing details of work experience, skills, and postal and telephone contacts of three referees.
One current passport-size photograph attached to the CV.

Mode of Application:

Applicants who consider themselves competent for the above-mentioned positions should send their applications to: [email protected] or drop their applications at the ASAMTL Head Office at House No. 01, Plot No. 87, Msese Street, Kinondoni Road (Near Kinondoni Makaburini), Dar es Salaam, before 1700 HRS on 15th February 2025.

Note: Only short-listed candidates will be contacted for interviews. No phone calls are allowed for inquiries. No allowances will be admissible for interviews.