IT Officer - Information Security at Plan International

ROLE PURPOSE

• Plan International is an independent child rights and humanitarian organisation committed to children living a life free of poverty, violence, and injustice.
• We actively unite children, communities and other people who share our mission to make positive lasting changes in children’s and young people’s lives. We support children to gain the skills, knowledge, and confidence they need to claim their rights to a fulfilling life, today and in the future. We place a specific focus on girls and women, who are most often left behind. 
• We have been building powerful partnerships for children for more than 85 years and are now active in over 80 countries.
• The Shared Services Centre is a Centre of Excellence based in the MEESA region established to serve clients to enhance their operation effectiveness i.e. COs, RH and GH.  The centre is committed to a reliable, efficient and effective service to clients at a competitive price.  Its ultimate goal is to be trusted, predictable, and dependable to our clients at all times and to ensure commitment to quality and excellent turnaround times in all our service delivery.
• The IT Officer - Security is responsible for ensuring the security of Plan International’s information systems and data. This role involves developing, implementing, and maintaining security protocols, procedures, and policies to protect the organization’s digital assets from cyber threats and vulnerabilities.

ACCOUNTABILITIES

Security Management

• Develop, implement, and maintain comprehensive IT security policies and procedures.
• Conduct regular security assessments, vulnerability testing, and risk analysis to identify and mitigate potential security threats.
• Monitor and manage security tools and systems to protect the organization’s network, systems, and data.

Incident Response

• Develop and implement an incident response plan for addressing security breaches and cyber attacks.
• Coordinate and manage the response to security incidents, including investigation, containment, and recovery.
• Conduct post-incident analysis to determine the root cause and implement measures to prevent recurrence.

Security Awareness and Training

• Develop and deliver security awareness training programs for staff to promote best practices in information security.
• Create and maintain security-related documentation, including user guides, policies, and procedures.
• Provide guidance and support to staff on security-related issues and best practices.

Compliance and Reporting

• Ensure compliance with relevant security standards, regulations, and policies (e.g., GDPR, ISO/IEC 27001).
• Conduct regular audits and assessments to ensure compliance with security policies and procedures.
• Prepare and present security reports to management, highlighting risks, incidents, and recommendations for improvement.

Technical Security Implementation

• Implement and manage security measures such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, and encryption tools.
• Manage access controls, including user permissions and authentication mechanisms.
• Perform regular security updates and patch management to ensure systems are up-to-date and secure.

Collaboration and Support

• Collaborate with IT team members and other departments to ensure security measures are integrated into all IT projects and initiatives.
• Provide technical support and troubleshooting for security-related issues.
• Stay updated with the latest security trends, technologies, and best practices to continually improve the organization’s security posture.

Safeguarding (5%)

• Ensure that Plan International’s global policy for Safeguarding and PII policy for Preventing Sexual Harassment Exploitation and Abuse; and Gender Equality and Inclusion are fully embedded in accordance with the principles and requirements of the policy including relevant Implementation Standards and Guidelines as applicable to their area of responsibility. This includes, but is not limited to, ensuring staff and associates are aware of and understand their responsibilities under these policies and Plan International’s Code of Conduct (CoC), their relevance to their area of work, and that concerns are reported and managed in accordance with the appropriate procedures.

TECHNICAL EXPERTISE AND KNOWLEDGE

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, ISO 27001 Certified) are highly desirable.
• Minimum of 3-5 years of experience in IT security, including security policy development, risk management, and incident response.
• Experience with security technologies and tools such as firewalls, IDS/IPS, antivirus software, and encryption tools.
• Familiarity with security frameworks and standards (e.g., ISO/IEC 27001, NIST).
• Experience in a non-profit organization or international development sector is a plus.

Skills and Competencies:

• Strong technical skills in IT security, including knowledge of network security, application security, and data protection.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong organizational and time management skills.
• High level of integrity and confidentiality.

Personal Attributes:

• Strong commitment to Plan International’s mission and values.
• Ability to work under pressure and handle multiple tasks simultaneously.
• Proactive and self-motivated with a continuous improvement mindset.
• High level of attention to detail and accuracy.

Languages required:

• Excellent written and verbal communication skills in English.