×

Ways to Bank

Quick Links

dfcu © 2018.All rights reserved

IT Security Specialist – Applications (1 Position)

Reporting to: Manager- Cyber Defence

Duty station: Head Office

Reporting to the Manager- Cyber Defense, the IT Security Specialist- Applications is responsible for ensuring the security and integrity of software applications by implementing, monitoring, and managing security measures to protect against vulnerabilities, threats, and unauthorized access.

 

KEY ACCOUNTABILITIES:

  • Conduct vulnerability assessments and penetration testing on applications.
  • Identify and remediate security weaknesses in application designs, code, and configurations. This is for both new implementations and for those undergoing changes.
  • Collaborate with developers to integrate security into the Software Development Life Cycle (SDLC).
  • Promote secure coding practices, such as input validation, encryption, and authentication mechanisms.
  • Investigate and respond to application security incidents, such as breaches or malware infections.
  • Perform root cause analysis and recommend preventative measures.
  • Ensure applications comply with security standards (e.g., OWASP Top 10, ISO 27001, or PCI-DSS).
  • Develop and enforce application security policies and guidelines.
  • Deploy and manage tools like Web Application Firewalls (WAFs), Static and Dynamic Application Security Testing (SAST/DAST) tools, and runtime protection tools.
  • Continuously monitor application activity for anomalies or suspicious behaviour.
  • Educate developers and stakeholders on application security risks and best practices.
  • Conduct workshops or create resources to build a security-first mindset within development teams.
  • Work with cross-functional teams, including developers, DevOps, and BT teams, to address security issues.
  • Communicate risks and solutions to both technical and non-technical stakeholders.
  • Stay updated on emerging application security threats and technologies.
  • Recommend and implement improvements to enhance application security posture.

 

KNOWLEDGE, SKILLS AND EXPERIENCE REQUIRED:

  • A minimum qualification of a Bachelor’s degree in Computer Science, Information Technology, or a related numerical Sciences degree.
  • A Master’s degree specializing in Digital Security is an added advantage
  • Professional information and cyber security certifications in relevant technologies such as Cisco, Microsoft, Unix / Linux will be an added advantage.
  • At least one information security certification e.g. CISSP, CISM, CEH, CCSP etc.
  • At least 5 years’ experience in systems / network administration role or information and cyber security role.
  • Work experience in the banking industry will be an added advantage.
  • Experience and qualifications in Ethical Hacking.
  • Working Knowledge of systems architecture and systems development.
  • Knowledge and experience in Applications penetrations testing.
  • Skills and training in internet applications design and security.
  • Experience with Web Application Firewalls Proficiency in security technologies such as firewalls, intrusion detection systems, and encryption.
  • Knowledge and Experience in Cyber Defense techniques and technologies.
  • Experience in UNIX and Windows server administration is an added advantage.
  • Technical skills in Unix and Windows and Python scripting skills.
  • Demonstrate experience in writing technical reports and management reports for stakeholders is a must.
  • Must possess above average problem-solving skills, organization skills, excellent and communication skills.
  • Considered an out of the box thinker and displays a willingness to learn.
  • Ability to maintain robust stakeholder engagements, a strong work ethic, and is a team player with the ability to work well independently.
  • Experience with security frameworks and regulations such as PCI-DSS & ISO 27001.
  • Ability to respond immediately to security incidents and provide post incident analysis.
  • Ability to perform security systems testing both in-house and external systems before production deployment.
  • The ability to educate employees on security best practices and promote a culture of security awareness.
  • Advanced Business Architectural & IT Security skills.
  • Analytical Thinking & Inductive Reasoning.
  • Planning and Organization.
  • Strategic Perspective – Establish priorities, challenging goals and measurements consistent with these goals and organizational vision.
  • Critical Judgement and Decision-Making – Define issues and focus on achieving workable solutions to obstacles.
  • Good Communicator – Presents ideas effectively, clearly and concisely both orally and in writing.
  • Leadership and Interpersonal Skills – Create a culture of continuous development and ownership with self and the team.
  • Inspire Commitment –Actions and behaviors are consistent with words.
  • Self-Development – Pursues positive change in self and organization.
  • Drives own personal development plan.

 

INVITATION

If you believe you meet the requirements as noted above, please forward your application to the link below:

https://careers.dfcugroup.com/

Once there, click on “Career Opportunities” to get started. (We recommend using Google Chrome for the best experience.)

 

Deadline: Monday 23rd June 2025.

Only short-listed candidates will be contacted.

 

dfcu Bank is an equal opportunity employer. We do not discriminate on the basis of religion, age, citizenship, marital or family status, disability, or gender.

facebookShare on Facebook
TwitterPost on X

Close

Need help?

>

dfcu Whistleblowing Channels: Email address: dfcu@tip-offs.com; Whistleblowing Toll Free Number: 0800 100 255; Anonymous Tip-Offs Link

©dfcuBank 2025. All Rights Reserved. dfcu Bank Limited is regulated by the Central Bank of Uganda. Customer deposits are protected by the Deposits Protection Fund of Uganda up to UGX 10 million. T&Cs apply.