Information Security Analyst

Veritran


Job Location:

Harare - Zimbabwe

Monthly Salary: Not Disclosed
Posted on: 11 hours ago
Vacancies: 1 Vacancy

Job Summary

Reporting directly to the Chief Information Officer the Information Security Analyst is responsible for building operating and continuously improving the organisations enterprise information security and cyber resilience technical programme. This role combines governance and compliance with technical hands-on security operations. The Information Security Analyst ensures alignment with National Payment Systems Cybersecurity Framework PCI-DSS ISO 27001 and other applicable standards and directives while actively defending and monitoring critical systems.

Key Responsibilities

1. Governance & Policy

  • Develop and maintain the enterprise information security strategy standards and policies.
  • Ensure alignment with NIST and NPS Cybersecurity Frameworks.

  • Drive staff awareness programmes and enforce security baselines.

 

2. Risk Management

  • Lead recurring cybersecurity risk assessments and maintain an actionable risk register.

  • Identify and communicate risks to executive leadership and Risk & Compliance.

  • Manage third-party/outsourcing risk controls.

 

3. Security Operations (Hands-On)

  • Actively monitor parse and triage logs across servers firewalls SIEM and applications.

  • Write and maintain scripts (bash Python PowerShell regex) to filter correlate and analyse data.

  • Lead vulnerability scanning penetration testing coordination and remediation tracking.

  • Tune SIEM rules alerts and dashboards for actionable intelligence.

  • Support secure coding practices review application security outputs and guide developers on remediation.

 

4. Incident Response

  • Lead security incident investigations: containment forensics root cause analysis.

  • Coordinate breach notification and reporting with regulators and stakeholders.

  • Maintain and test the Cybersecurity Incident Response Plan.

 

5. 3rd Party Liaison

  • Act as a company representative in the role of cybersecurity officer.

  • Maintain evidence of compliance for Third Party Security Assessments Accreditations and and Audits.

  • Provide clear risk and compliance reports to the Board.

 

6. Team Engagement

  • Participate in cross-domain and multi-stakeholders projects to ensure secure-by-design/defence-in-depth approaches.

  • Build capacity through training technical exercises and knowledge transfer.

  • Coordinate with stakeholders to embed security controls.

 

 

7. Audit & Assurance

  • Support all internal/external audits (TPSA ITGC PCI ISO).

  • Close audit findings with documented evidence and root cause fixes.


Qualifications :

Required Skills & Qualifications

  • Education: Batchelor of Science degree (2:1 or equivalent) in Information Security Computer Science or equivalent industrial experience.

  • Certifications: CISSP CISM ISO 27001 LA OSCP or equivalent (advantageous but not a substitute for skills).

  • Experience: Minimum 24 years in technical roles ideally in banking payments or regulated industries.

  • Core Skills:

    • Strong Linux/Unix administration skills.

    • Proficiency in scripting (bash Python PowerShell).

    • Regex fluency and log analysis across SIEM syslog and application stacks.

    • Secure coding principles and ability to critique/review methodologies and output

    • Proven incident response and analysis experience.

    • Understanding of OSI Stack network security firewalls IDS/IPS and vulnerability management.

 

Essential Attributes

  • Analytical mindset with strong problem-solving skills (must be able to read parse and make sense of data).

  • Practical approach: able to operate with limited tools and resources.

  • High personal integrity and accountability: role involves direct regulator engagement.

  • Comfortable switching between high-level governance and low-level technical work.


Additional Information :

This position is a permanent full time position based in our offices in Harare Zimbabwe. Please ensure you are eligible to live and work in that location before applying. Were looking for the best technical skills in the country and offer a package unrivalled to attract the very best.


Remote Work :

No


Employment Type :

Full-time

Reporting directly to the Chief Information Officer the Information Security Analyst is responsible for building operating and continuously improving the organisations enterprise information security and cyber resilience technical programme. This role combines governance and compliance with technica...

About Company

Our VisionTo modernise African banking by creating world-class, inclusive, and affordable financial ecosystems across Sub-Saharan Africa. We unlock new value for institutions through agile transformation, resilient digital cores, and next-gen delivery frameworks.Our MissionZSS operate ... View more

View Profile View Profile