Make Your Resume Now

Information Security Analyst

Veritran1
Zimbabwe
Posted September 25, 2025
Full-time Not Applicable

Job Overview

Reporting directly to the Chief Information Officer, the Information Security Analyst is responsible for building, operating, and continuously improving the organisation’s enterprise information security and cyber resilience technical programme. This role combines governance and compliance with technical, hands-on security operations. The Information Security Analyst ensures alignment with National Payment Systems Cybersecurity Framework, PCI-DSS, ISO 27001, and other applicable standards and directives, while actively defending and monitoring critical systems.

Key Responsibilities

1. Governance & Policy

  • Develop and maintain the enterprise information security strategy, standards, and policies.

  • Ensure alignment with NIST and NPS Cybersecurity Frameworks.

  • Drive staff awareness programmes and enforce security baselines.

 

2. Risk Management

  • Lead recurring cybersecurity risk assessments and maintain an actionable risk register.

  • Identify and communicate risks to executive leadership and Risk & Compliance.

  • Manage third-party/outsourcing risk controls.

 

3. Security Operations (Hands-On)

  • Actively monitor, parse, and triage logs across servers, firewalls, SIEM, and applications.

  • Write and maintain scripts (bash, Python, PowerShell, regex) to filter, correlate, and analyse data.

  • Lead vulnerability scanning, penetration testing coordination, and remediation tracking.

  • Tune SIEM rules, alerts, and dashboards for actionable intelligence.

  • Support secure coding practices, review application security outputs, and guide developers on remediation.

 

4. Incident Response

  • Lead security incident investigations: containment, forensics, root cause analysis.

  • Coordinate breach notification and reporting with regulators and stakeholders.

  • Maintain and test the Cybersecurity Incident Response Plan.

 

5. 3rd Party Liaison

  • Act as a company representative in the role of cybersecurity officer.

  • Maintain evidence of compliance for Third Party Security Assessments, Accreditations and and Audits.

  • Provide clear risk and compliance reports to the Board.

 

6. Team Engagement

  • Participate in cross-domain and multi-stakeholders projects to ensure secure-by-design/defence-in-depth approaches.

  • Build capacity through training, technical exercises, and knowledge transfer.

  • Coordinate with stakeholders to embed security controls.

 

 

7. Audit & Assurance

  • Support all internal/external audits (TPSA, ITGC, PCI, ISO).

  • Close audit findings with documented evidence and root cause fixes.

Ready to Apply?

Take the next step in your career journey

Apply Show More Jobs

Stand out with a professional resume tailored for this role

Build Your Resume – It’s Free!