Job Description

• As an Information Security Analyst, you will be responsible for safeguarding Savannah Informatics’ digital assets and ensuring the confidentiality, integrity, and availability of information across the organization.
• You will play a key role in identifying security threats, developing strategies to mitigate risks, and working closely with cross-functional teams to ensure our systems meet industry standards and regulatory requirements for healthcare information security.
• If you’re detail-oriented, have a passion for cybersecurity, and are eager to make an impact on the healthcare technology landscape in East Africa, we’d like to hear from you!

Responsibilities 

• ​​​Conduct regular assessments to identify security vulnerabilities, risks, and threats to the organization’s information systems and assets.
• Implement and maintain monitoring tools to detect and respond to security incidents in real-time, ensuring timely and effective response to threats.
• Develop, review, and enforce security policies, guidelines, and procedures to safeguard sensitive data and comply with healthcare regulations.
• Lead or assist in investigating security breaches, conducting root cause analyses, and implementing corrective actions to prevent future occurrences.
• Conduct ongoing training for employees on security best practices, phishing attacks, password hygiene, and other information security topics.
• Identify and manage vulnerabilities in systems, applications, and networks by applying patches and updates and collaborating with IT and development teams.
• Ensure the organization’s security policies and practices comply with relevant regulatory frameworks, such as HIPAA, GDPR, and local data protection laws.
• Prepare for and support external audits by providing evidence of compliance with security standards and frameworks.
• Implement and maintain encryption standards, firewalls, and access control mechanisms to protect data.
• Stay informed on the latest cybersecurity threats, trends, and best practices, recommending solutions and preventive measures.

Requirements​​​

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
•  Exceptional academic track record from both high school and university
• Proven experience in information security, cybersecurity, or a related field.
• Knowledge of security standards and frameworks such as ISO 27001.
• Familiarity with security tools and technologies, including firewalls, intrusion detection/prevention systems (IDPS), encryption protocols, and endpoint protection.
• Experience with vulnerability management tools and SIEM solutions .
• Strong understanding of networking protocols, operating systems, and database security principles.
• Ability to assess risks, identify security vulnerabilities, and recommend mitigation strategies.
• Excellent problem-solving skills with a strong attention to detail.
• Ability to work independently and collaboratively with cross-functional teams.
• Certifications related to the role are a plus but not required.
• Experience in healthcare or e-Health security is a plus.