Purpose of the position
To advise, guide, instruct and help implement effective cybersecurity measures for the base period of a digital health project in Lesotho, focused on enhancing the existing Health Information Systems in use by the MOH.
Key Accountabilities
- Develop the best industry-standard strategy to defend devices, networks, software, data, and complete information systems against possible intrusion and cyber-attacks
- Interview team and key stakeholders to ascertain specific security concerns and issues
- Perform vulnerability testing, including risk analyses and security assessments on systems and code
- Research current security standards and systems to ensure current and updated technologies are applied
- Plan, research, and design an all-encompassing, capable security architecture for the project
- Implement and maintain a fitting corporate security policy for the project that is in line BroadReach’s existing policies
- React and respond immediately to any security-related incidents, and then provide both remediation and a thorough post-event analysis
- Maintain an information security risk register and assist with internal and external audits relating to information security
Qualifications
Essential qualifications
- Undergraduate degree in Computer Science, Mathematics, Statistics, Physics Data Science or related field.
Desirable qualifications
- Masters degree in Computer Science, Mathematics, Statistics, Physics, Data Science or working towards a post graduate degree. ITIL Certificate
Experience & Skills
- A minimum of 3 – 5 years working in an IT environment, with a focus on cybersecurity as a specialisation
- Proven proficient in one or more of the following programming environments: SQL, advanced scripting skills using Bash and Python, Java, Go or C/C++.
- Prior experience working with DHIS2, OpenMRS, eRegister etc advantageous
- Prior experience working on donor funded (ideally USG) projects in Lesotho
- Experience within the following skillsets is advantageous: Ethical Hacking and Coding Practices, Advanced Persistent Thread Management, Firewall Safety and Management, Operating Systems knowledge (such as Windows, Linus, UNIX) and encryption techniques and capabilities
- A broad knowledge of compliance assessments
- Proven ability to understand, prepare, and analyse large and complex data sets.
- Proven ability to analyse data, draw insights, and prepare reports in a cohesive, intuitive, and simplistic manner.
- Professional proficiency in written and oral communication skills in English.
- Expert skills with MSOffice.
- Experience with PostgreSQL, MySQL or other relational databases
- Experience with design and development of Web APIs
Personal Qualities & Behavioural Competencies
- Ability to collaborate and work with cross-functional, multi-disciplinary teams.
- Self motivated and able to effectively prioritise and plan work.
- Ability to work effectively across a number of projects.
- Highly organised with a strong focus on attention to detail.
- Solution focused.
- Committed to high standards and continuous improvement
- Good influencing and interpersonal skills with people at all levels
- Ability to operate in a high-pressure environment with conflicting priorities and tight timelines
- Resourceful, creative and innovative approach to work
- Ability to build rapport and credibility with stakeholders
Capabilities
Winning, Enabling and Delivery of Projects
- Opportunity Development, Capture Management, Proposal Development, Organized, Disciplined, Analytical
People Leadership/Self Leadership
- Selections, Development, Delegation, Example, Self-Confidence, Independently responsible, Curiosity, Change Management
Strategic and Holistic Decision Making
- Governance and legal awareness, Financial acumen, Risk management, Strategic perspective
Relationship Management
- Institutional Representations, Taking the long view, Building common ground, Mutual respect, Responsiveness, Standing for the other, Engagement