IT Security Officer

Right to Care Zambia

Right to Care is at the vanguard in supporting and delivering prevention, care, and treatment services for HIV and associated diseases. We work with government and communities to find pioneering solutions to build and strengthen public healthcare.

We embrace a strong entrepreneurial culture and focus on innovation and the use of technology to enhance services, address skills shortages, and deliver quality healthcare outcomes. Our areas of expertise include HIV and TB care and treatment, pharmacy automation, medical male circumcision, and cervical cancer diagnosis and treatment.

In 2021, Right to Care Zambia was awarded a five-year project funded by USAID through the PEPFAR mechanism. The USAID Action HIV project aims to reduce HIV mortality, morbidity and transmission by achieving the UNAIDS and PEPFAR goal of 95/95/95 HIV treatment coverage by providing comprehensive HIV Prevention, Care and Treatment maintenance services in Luapula, Northern and Muchinga provinces of Zambia. The USAID Action HIV project will work closely with and in support of the Ministry of Health.

Minimum Required Qualifications and Experience:

  • A bachelor’s degree from an accredited tertiary institution in a technology related field.
  • Security+/SSCP or other relevant accredited courses in IT risk management and compliance / or information security.
  • Two years’ job-related experience in IT Security operations, with a technology background and a good understanding of IT governance and risk management. High proficiency in the Microsoft Office suite and other software tools.

Desirable Qualifications

  • CASP+/CRISC/CSSP or other relevant accredited courses in IT risk management and compliance / or information security.
  • Three years’ job-related experience in IT Security, with a technology background and a good understanding of IT governance and risk management. High proficiency in the Microsoft Office suite and other software tools.


  • Confidence and self-control
  • Ethics and integrity
  • Initiative
  • Planning and organizing
  • Professionalism


  • Identify and manage all the IT risks applicable to RTCZ’s environment.
  • Ensure the nature and size of IT risks are well understood and owned at the right levels in the business.
  • Monitor, identify and communicate new and emerging external IT risks/threats, test the adequacy of existing controls against them, and recommend actions for improvement.
  • Provide support in the implementation of process-based IT risk and control assessments in business.
  • Develop and maintain IT Risk Register.
  • Ensure that staff adhere to IT policies and procedures.
  • Conduct awareness training on IT policies and procedures.
  • Manage information security compliance findings, issues, and risks.
  • Report on the status of compliance to ICT management.
  • Maintenance of expert knowledge on relevant legislative amendments, industry best practices and provision of proactive advice and solutions to relevant stakeholders.
  • Management of the IT disaster recovery plan, including making updates, changes, business impact assessment and testing the plan regularly.
  • Perform vulnerability and penetration testing and advise remediation for identified vulnerabilities.
  • Conduct regular information security awareness campaigns and programs to all staff.
  • Identify and advise on information security related matters in all IT projects.
  • Document any security breaches and assess their damage.
  • Promote adherence to the principles of data protection.
  • Implement adequate policies and procedures to regulate the processing of personal data.
  • Ensure integrity of personal data using appropriate methods.
  • Implement measures necessary to prevent misuse, unauthorized access to, modification, disclosure or destruction of personal data.


  • Applications in the form of a cover letter and CV must be submitted to
  • All applicants are required to complete an online competency assessment accessible using this link –
  • Only applicants that complete the two steps above will be considered.

By applying for the above-mentioned position, you consent to Right to Care conducting qualification, ID, criminal and reference checks (internal and external), which form part of the Company’s recruitment policy and procedure. Should you not receive a response to your application from Right to Care within one month of this advert being placed, kindly consider your application as being unsuccessful.

Applicants are required to complete all screening assessment questions and the competency assessment using the link provided above for their application for this position to be complete. Only applicants meeting the strict criteria outlined above will be contacted as part of the shortlisting process. Right to Care reserves the right to withdraw the vacancy at any time for whatever reason.

Right to Care is an equal opportunity affirmative action employer. The Company’s approved Employment Equity Plan and Targets will be considered as part of the recruitment process.  As an Equal Opportunities Employer, we actively encourage and welcome people with various disabilities to apply.

Right to Care Zambia is aware of fraudulent activities by certain individuals claiming to be representatives of the organization.

Be advised that Right to Care does not charge any fee at any stage of the recruitment process, and as such Right to Care Zambia assumes no responsibility for any announcements or activities by such individuals or entities.

To apply for this job email your details to