2 Jobs at KT Rwanda Networks Ltd | Kigali : Deadline: 16-07-2026

0
92

1. Information Security Risk & Compliance Officer

JOB VACANCY:

Position: Information Security Risk & Compliance Officer

Reports to: Information Security Manager

Type of Employment: Full-time

Job announcement Date: 9th July 2026

Role Summary:

The Information Security Risk & Compliance Officer drives the organization’s GRC programmes. You make sure security is well governed, risks are understood and managed, and the organization meets its legal, regulatory, and contractual obligations. You are the bridge between technical teams, management, and auditors, turning standards into clear policies and evidence.


Roles & Responsibilities:

  • Build and maintain the Information Security Management System (ISMS).
  • Write, review, and keep up to date security policies, standards, and procedures.
  • Report the organization’s risk and compliance posture to leadership with clear KPIs.
  • Plan and run risk assessments; identify, analyze, and prioritize risks.
  • Maintain the risk register and track treatment plans to completion.
  • Advise teams on controls needed to bring risks to an acceptable level.
  • Align the organization with standards and regulations (e.g. ISO/IEC 27001, NIST CSF, data protection laws, and local telecom and cybersecurity regulations issued by regulators such as RURA and the NCSA, among others).
  • Prepare for and support internal and external audits and certifications.
  • Audit the organization against the defined frameworks and run various assessments to verify and enforce regulatory obligations across all departments.
  • Manage findings, corrective actions, and evidence to closure.
  • Oversee third-party / vendor risk and compliance requirements.
  • Coordinate between IT, business units, legal / data protection, and auditors.
  • Support security awareness and training across the organization.
  • Establish and test business continuity and disaster-recovery arrangements (aligned with ISO 22301).
  • Coordinate security and privacy incident and breach reporting to regulators and authorities within required timelines.
  • Support data-protection activities, including data protection impact assessments (DPIAs) and records of processing.
  • Maintain the inventory and classification of information assets.
  • Monitor regulatory and standards changes and update the compliance programmes accordingly.
  • Oversee data protection, including records of processing, DPIAs, DSARs, and breach notifications.
  • Deliver security and role-based training among other policy bases awareness trainings.


Required Qualifications:

  • Having Bachelor’s Degree in Iinformation Technology, (IT) Security, Computer Science, Business Informatics, or a related field (Mandatory).
  • Professional certification such as ISO 27001 Lead Auditor / Implementer (Mandatory).
  • Certifications such as, CEH, CISA, CRISC, CISSP, GDPR, or CISM.

(Added advantage)

Required Experience:

  • 3+ years in information security governance, risk, and compliance (telecom or regulated industry preferred).
  • Good understanding of security standards and frameworks (e.g. ISO/IEC 2700x).
  • Understanding of local regulatory requirements, especially telecom and cybersecurity regulations issued by regulators such as RURA and the NCSA, among others, and the national data protection law.
  • Structured and analytical, able to work independently and manage multiple work streams.
  • Excellent documentation, report-writing, and communication skills; able to explain complex topics simply.
  • Experience with risk-assessment methodologies (e.g. ISO 27005).
  • Familiarity with data protection (GDPR) and regulatory frameworks (e.g. NIS2).
  • Experience preparing for audits and certifications.
  • Strong analytical skills and clear written and verbal communication


Application procedure:

Interested candidates are required to submit the following documents:

  • A signed application letter addressed to the Chief Executive Officer (CEO) of KTRN.
  • A copy of notarized required academic degree
  • A copy of a valid National Identity Card (ID);
  • A criminal Record
  • An updated Curriculum Vitae (CV) including at least three (3) professional referees and their contact details;
  • Supporting documents demonstrating the required work experience.
  • All application documents must be combined into a single PDF file and submitted via email to recruits@ktrn.rw no later than 16th July 2026 at 5:00 PM.
  • Only shortlisted candidates shall be contacted.

KTRN Management

Click here to visit the source


2. Cyber Security Engineer

Position: Cyber Security Engineer

Reports to: Information Security Manager

Type of Employment: Full-time

Job announcement Date: 9th July 2026

Job Summary:

The Cybersecurity Engineer keeps the organization secure by thinking like an attacker and defending like a professional. You spend most of your time on hands-on Red Team (offensive) and Blue Team (defensive) activities: finding weaknesses before adversaries do, and detecting, investigating, and responding to threats when they appear

Roles & Responsibilities:

  • Conduct internal and external vulnerability assessments and penetration tests across servers, endpoints, applications, perimeter/internet-facing assets, and telecom platforms.
  • Simulate real-world attacks (phishing, social engineering, exploitation) to test defenses and response readiness.
  • Exploit and document findings, then work with owners to get them fixed.
  • Track remediation and re-test to confirm issues are closed.
  • Lead the annual independent VAPT engagement and internal assessments required.
  • Monitor environment using SIEM, EDR, firewalls and Anti-DDoS; triage alerts and hunt for threats.
  • Detect, investigate, and respond to security incidents; contain, eradicate, and recover.
  • Perform root-cause analysis and write clear incident reports.
  • Perform basic malware analysis on suspicious files and indicators of compromise.
  • Harden systems: baseline configurations, patching, and detection rules.
  • Tune and maintain security tooling and detection content.
  • Develop security automation scripts and playbooks for faster detection and response.
  • Develop, test, and update incident response playbooks and run tabletop exercises; share findings and lessons learned.
  • Support security awareness and phishing-simulation programmes.
  • Secure, monitor, and harden network and telecom infrastructure (routers, switches, firewalls, and core telecom systems).
  • Coordinate vulnerability and patch management across systems and network devices.
  • Review the security of new systems, applications, and network changes before go-live.
  • Use threat intelligence to anticipate emerging threats and keep detection content up to date.
  • Produce weekly and monthly reports on incidents, attempts and threats with clear metrics & trends.
  • Prepare management-ready vulnerability reports with clear risk levels and remediation priorities.
  • Perform digital forensics and preserve evidence during investigations.
  • Review identity and access controls, including privileged accounts.
  • Collaborate across offensive and defensive activities to strengthen detection and response.


Required Qualifications:

  • Having Bachelor’s Degree in Information Technology (IT), Computer Science, or a related field (or equivalent experience) (Mandatory).
  • Hands-on penetration testing certification such as CEH Practical or equivalent (Mandatory).
  • Security certifications covering offensive (e.g. OSCP) and defensive (e.g. GCIH, GCIA, BTL1, CySA+, Blue Team), and skills foundational certs such as Security+ (Added advantage)

Required Experience:

  • 3+ years in VAPT, SOC, or security operations (telecom environment preferred).
  • Strong knowledge of networks, telecommunications, and operating systems (Windows/Linux), with deep understanding of attack and defence techniques (e.g. MITRE ATT&CK).
  • Understanding of local telecom and cybersecurity regulations and how they apply to security operations (e.g. regulations issued by regulators such as RURA and the NCSA, among others).
  • Hands-on with VAPT tools (Burp Suite, Nessus, Nipper, Metasploit), SIEM (e.g. ELK, Splunk, QRadar, Sentinel), EDR/XDR, and Anti-DDoS solutions.
  • Scripting / automation skills (Python, Bash, or PowerShell).
  • Familiarity with threat intelligence and detection engineering
  • Strong analytical skills and clear written and verbal communication.


Application procedure:

Interested candidates are required to submit the following documents:

  • A signed application letter addressed to the Chief Executive Officer (CEO) of KTRN.
  • A copy of notarized required academic degree
  • A copy of a valid National Identity Card (ID);
  • A criminal Record
  • An updated Curriculum Vitae (CV) including at least three (3) professional referees and their contact details;
  • Supporting documents demonstrating the required work experience.
  • All application documents must be combined into a single PDF file and submitted via email to recruits@ktrn.rw no later than 16th July 2026 at 5:00 PM.
  • Only shortlisted candidates shall be contacted

KTRN Management

Click here to visit the source










LEAVE A REPLY

Please enter your comment!
Please enter your name here