Senior Specialist IT Security – Ethiopian Commodity Exchange
Information Technology
Ethiopian Commodity Exchange
The Ethiopia Commodity Exchange (ECX) is a new initiative for Ethiopia and the first of its kind in Africa. The ECX is a unique partnership of market actors, the Members of the Exchange, and its main promoter, the Government of Ethiopia. ECX represents the future of Ethiopia, bringing integrity, security, and efficiency to the market. ECX creates opportunities for unparalleled growth in the commodity sector and linked industries, such as transport and logistics, banking and financial services, and others
The Ethiopia Commodity Exchange, (ECX), is a marketplace, where buyers and sellers come together to trade, assured of quality, delivery and payment. The vision of ECX is to transform the Ethiopian economy by becoming a global commodity market of choice. ECX’s mission is to connect all buyers and sellers in an efficient, reliable, and transparent market by harnessing innovation and technology, and based on continuous learning, fairness, and commitment to excellence
VACANCY ANNOUNCEMENT No. 007– 2022
(Internal/External)
The vision of ECX is to become a leading and dynamic African Exchange of choice. ECX has a mission to provide a modern, efficient, transparent, and reliable market platform and warehousing service through the adaptation of technology, excellence in innovation, and integrity. ECX is a unique partnership of market actors, Members of the Exchange, and its main promoter, the Government of Ethiopia. ECX represents the future of Ethiopia, bringing integrity, security, and efficiency to the market. ECX would like to promote & recruit motivated and qualified applicants for the following positions.
1. Position: Senior Specialist IT Security
Job Grade: 9
Duty Station: Addis Ababa/Head Office
Availability: As Soon As Possible
Job Purpose: – The purpose of this job is to increase the productivity of the exchange by setting a secure design standard for infrastructure, analyzing and assessing potential security risks, and developing plans to deal with such incidents by putting measures in places such as firewalls, Intrusion Preventions, and encryption, monitoring and auditing systems for abnormal activity, and executing corrective actions.
SUMMARY OF MAJOR DUTIES AND RESPONSIBILITIES
- Assists the division manager in developing plans, budgets, and reports for the division.
- Help Build, maintain, and enforce application security development policies, procedures& standards.
- Provide application security services into the software development lifecycle including secure design, coding techniques and reviews, education & awareness, process and tools, security testing support, and guidance.
- Develop secure coding standards that are based on industry-accepted best practices.
- Perform web application security vulnerability and Penetration tests.
- Identify application security risks and requirements for new projects and system developments.
- Provide technical advice to ensure that security standards are met
- Perform ongoing security testing and code review to improve software security and consult team members on secure coding practices.
- Provide regular status reports on the security of the software within the organization
- Performs regular IT security audit & risk assessment on ECX and Partner Networks and systems based on the ECX IT security policy & ISO 27001 and deliver reports
- Coordinates with the corporate Security Incident Handling Response Team (SIHRT) for security incidents (violation, breaches, attacks, system down…etc.), performs forensic analysis, and submits the report
- Maintains up-to-date security documentation and inventory of corporate Applications and DB and their license information
- Participate in project planning, and requirement analysis and provide security inputs for the project
- Recommends program improvements or corrections to the application developer.
- Identifies coding and development issues enter them into the defect tracking system and resolve the issue with the application developer.
- Coaches, Mentors, Trains, and guides junior staff
- Performs other duties assigned by the immediate supervisor
REQUIRED QUALIFICATIONS AND EXPERIENCE
- MSC/BSC. in Electrical/Electronics, Computer Science, Information Technology, and related fields
- 4/6 years of relevant experience in IT security, quality assurance & testing, software development, or related.
