ICT Security Specialist at ZCCM Investment Holdings Plc

Job Reference Number: ZCCM-114
Department: ITC
Business Unit:
Industry: Information Technology
Job Type: Temp
Positions Available: 1
Salary: Market Related
The ICT Security Specialist is responsible for protecting the organisation’s information systems, networks, and data assets by ensuring the effective implementation, monitoring, and continuous improvement of ICT security controls. The role provides independent oversight, proactive threat detection, and assurance that ICT policies, standards, and regulatory requirements (such as the Data Protection

Job Description
2. Key Responsibilities
2.1 Security Monitoring and Incident Management

Monitor and analyse security logs from firewalls, intrusion detection/prevention systems, servers, and applications.
Detect, investigate, and respond to security incidents and anomalies.
Escalate and report security breaches in accordance with defined procedures.
Maintain proper documentation of incidents and actions taken.

2.2 ICT Policy Implementation and Compliance

Ensure full implementation of ICT and Information Security policies.
Conduct periodic compliance checks and identify control gaps.
Recommend corrective actions and track remediation progress.
Support internal and external audit processes.

2.3 Access Control and Identity Management

Perform periodic user access reviews, including privileged accounts.
Enforce least privilege principles and segregation of duties.
Monitor unauthorized access attempts and suspicious activities.
Ensure compliance with access control policies and procedures.

2.4 Disaster Recovery and Business Continuity
Computer Security

Coordinate and validate periodic Disaster Recovery (DR) tests.
Ensure DR documentation is regularly updated and accessible.
Evaluate test results and recommend improvements where needed.
Monitor readiness of backup systems and recovery processes.
Ensure backups are regularly done and tested for both integrity and restorability.

2.5 Vulnerability Management and Risk Assessment

Conduct routine vulnerability assessments and security scans across the ZCCM-IH Group network.
Identify weaknesses in systems, networks, and applications for the ZCCM-IH Group
Recommend  risk mitigation strategies and controls to be implemented.
Support enterprise  risk management initiatives across the group.

Data Backup & Recovery
2.6 Security Awareness and Best Practices

Promote security awareness among ZCCM-IH Group staff.
Guide on safe ICT practices
Support training initiatives to reduce human‑related security risks.

 
2.7 IT Control Environment Assurance

Continuously assess the effectiveness of IT controls
Ensure critical controls remain operational and effective at all times.
Provide periodic reports on the security posture of the organisation.

Risk Management
 
3. Key Deliverables

Security monitoring and incident reports
Access control review reports
DR testing reports and findings
Vulnerability and risk assessment reports
Compliance and audit support documentation

Job Requirements
4. Qualifications and Experience
Job search platform
 Education

Bachelor’s degree in:

ü  Information Technology
ü  Computer Science
ü  Cybersecurity
ü  Or related field
Professional Certifications (Advantage)
Educational Resources

CISSP (Certified Information Systems Security Professional)
CISM (Certified Information Security Manager)
CEH (Certified Ethical Hacker)
CompTIA Security+
Other recognised ICT Security Certifications

Must be a paid member of ICTAZ
Experience

Minimum 4 years experience in ICT or cybersecurity roles
Hands‑on experience in security monitoring tools and log analysis
Experience in risk management, compliance, or audits is an added advantage.

5. Technical Skills

Security tools (SIEM, firewalls, IDS/IPS)
Operating systems (Windows, Linux)
Networking fundamentals (TCP/IP, VPNs, routing)
Identity and access management systems
Vulnerability scanning tools.

6. Key Competencies

Strong analytical and problem‑solving skills.
Attention to detail and investigative mindset.
High level of integrity and confidentiality
Ability to work independently and objectively.
Effective communication and reporting skills

7. Working Relationships

ICT Operations Team
Internal Audit and Risk Management
External Auditors and Regulators
All Business Units (for compliance and awareness)

8. Performance Indicators

Timely detection and resolution of security incidents
Compliance with ICT policies and audit requirements
Effectiveness of access control and monitoring processes
Quality and timeliness of reporting

The duration of the contract is 12 Months
Sharing is Caring! Click on the Icons Below and Share