Job Description

Applications are invited from suitably qualified persons to fill the following posts within the Zimbabwe Revenue Authority (ZIMRA) – an equal opportunity employer.

APPLICATIONS SECURITY SPECIALIST – ICT, – LEVEL 9 (1 POST)

Duties and Responsibilities

Key Responsibilities
 Conduct periodic internal vulnerabilities assessment and penetration tests on all ZIMRA ICT systems.
 Performing web application penetration tests on target applications, providing reports documenting
the issues including actionable recommendations for remediation.
 Working closely with development teams to provide input and education on identified security issues.
7
 Produce, review, and document information, processes, and procedures pertaining to Secure SDLC
work (e.g. DAST process).
 Assist in the development and maintenance of application security standards.
 Conduct application security testing and quality assurance (QA) throughout the SDLC lifecycle to
validate testing processes.
 Monitor application security threat landscape and incorporate leading practices into testing approach.
 Participate in the investigation of information security incidents and development of
remediation/prevention mechanisms.
 Proactively identify opportunities for improvements in the application security program and
communicate those to the global Information Security function.
 Staying current on Application Security testing industry vulnerabilities, technologies, tools, and skills,
and make recommendations for use based on business value.
 Any other duties as may be assigned by the Information Assets Manager

Qualifications and Experience

Job Skills and Competencies
 Proven effectiveness in collaborating across teams/disciplines, including but not limited to software
developers, testers, and others outside the security organization.
 Self-starter with ability to work under pressure and beyond stipulated hours.
 Unquestionable integrity.
 Good communication and interpersonal skills.
 Ability to work with minimum supervision.
 Good organizational, people and time management skills.
 Team player who is innovative and analytical.
 Strong communication and presentation skills along with the ability to work in a highly collaborative
environment.
Qualifications and Experience
 A graduate Degree in Computer Science or Information & Communication Technology or
equivalent qualification
 Minimum of three (3) years' experience in ICT Services, of which two (2) years should be in ICT
Security or equivalent experience in areas such as Information Security and Application
Development.
 Certification in Java or Web Services, ICT Control and Management (COBIT), ISO 27001
certification or comparable security certification is required.
 Additional certification that must be obtained within 12 - 24 months of employment: Certified
Secure Software Lifecycle Professional (CSSLP) or Certified Information Systems Security
Professional (CISSP) is required.

How to Apply

Interested candidates should submit applications, accompanied by a detailed Curriculum Vitae by 14
March 2024, All applications should be emailed to: [email protected] clearly stating
the position applied for and addressed to:
The Director, Human Capital
Zimbabwe Revenue Authority
6th Floor ZB Centre
Corner First Street / Kwame Nkrumah Avenue
P. O. Box 4360
HARARE
Please note female candidates are encouraged to apply and only shortlisted applicants will be
responded to.