Job Title: Information Security Analyst (xl) Reports To: Manager - Information and Communications Technology Background The Energy Regulation Board (ERB) is a statutory body established under the Energy Regulation Act to regulate the energy sector by licensing undertakings and ensuring consumers receive a quality service at an affordable price while ensuring a reasonable rate of return to the energy utilities. The ERB now seeks to recruit dynamic and suitably qualified persons to fill the position of Information Security Analyst. Job Purpose To ensure the security and integrity of the organization's information technology systems and infrastructure in order to protect the organization's digital assets, data, and networks from potential threats, vulnerabilities, and breaches. Main Duties and responsibilities • Manages the design, implementation, and upkeep of security infrastructure (e.g., SIEM, EDR, FWs, IDS/IPS, IAM, AV, encryption) and ensuring these technologies remain current and effective. • Performs periodic security audits and assessments to evaluate the effectiveness of security controls and ensure compliance with relevant regulations and industry standards. • Develops and delivers security awareness training programs to employees in order to foster a culture of security. • Monitor the organization's networks and systems for suspicious activities or anomalies that may indicate a security breach. • Maintains records of security incidents, including detailed incident reports, evidence, and remediation steps taken. • Continuously evaluates and enhances security measures based on emerging threats, technological advancements, and best practices in the field of information security • Conducts vulnerability assessments to identify weaknesses in the organization's systems and networks and performs penetration testing to simulate real-world attacks and assess the effectiveness of existing security measures. • Performs vulnerability assessments and penetration testing to identify system weaknesses and assess the effectiveness of existing security measures. • Contributes to the development and implementation of security policies, standards, and procedures aligned with industry best practices and ensures that security measures are integrated into the organization's overall governance framework and compliance requirements. • Conducts regular risk assessments to identify potential security risks and vulnerabilities within the organization's IT systems. Other Skills/Attributes • Good mathematical computation skills • Analytical skills • Innovation • Integrity • Confidentiality • Excellent analytical, problem-solving, and incident handling skills. • Strong written and verbal communication skills. • Solid understanding of networking protocols, operating systems (Windows, Linux), and cloud security. Minimum Qualification and Experience • Grade 12 School Certificate or equivalent • Bachelor's degree in Computer Science, Information Security, or a related field, • Professional IT Security Certification (e.g. CISSP, ECIH, CEH, CYSA+). • Practical IT Security certification will be an added advantage • Five (5) years work experience in ICT of which three (3) years of professional experience in an information security role. • Must be a member of the Information and Communications Technology Association of Zambia (ICTAZ) • ZAQA verification certificates of all academic and professional certificates How to Apply Applicants complete the pre-application form https://forms.office.com/r/nDZi4ctjXk or by scanning the QR Code below: available link: ERB e-Job Application - Information Security Analyst 2/3 Applicants who meet ALL the minimum qualifications above will be invited to submit soft copies of the application letter, current Curriculum Vitae with two professional traceable referees, and ZAQA certified photocopies of Grade 12 School Certificate, Degree Certificate(s), and relevant professional qualifications. Application deadline: Friday, 26th September, 2025. ERB is an equal opportunity employer, both genders are encouraged to apply. Only shortlisted candidates will be contacted. All applicants engaged in any form of lobbying shall be disqualified.