Applications are invited from suitably qualified persons to fill the following posts within the Zimbabwe Revenue Authority (ZIMRA) – an equal opportunity employer.
Key Responsibilities
▪ Lead the containment, eradication and recovery phases of escalated cybersecurity incidents, ensuring incident closure SLA compliance and recovery time objectives are met
▪ Execute incident response playbooks and coordinate forensic evidence collection, maintaining playbook adherence and complete evidence trails
▪ Ensure incident documentation meets regulatory and audit standards, maintaining compliance scores and producing audit-defensible artefacts.
▪ Escalate systemic threats, recommend mitigation measures, maintain risk register updates and track mitigation actions
▪ Document lessons learned, update SOC playbooks and contribute to post-incident reviews ensuring playbooks are updated per incident cycle
▪ Apply SOC standards, conduct peer reviews of incident documentation and embed continuous improvement practices; maintain peer review compliance
▪ Provide technical guidance and mentoring to SOC Analysts during incident response, contributing to skills development and keeping the skills matrix updated quarterly
▪ Coordinate forensic evidence collection, eradication procedures and service restoration in line with SOC playbooks across critical systems
▪ Participate in cybersecurity drills, red team/blue team exercises and disaster recovery simulations.
▪ Contribute to intelligence-enriched monitoring by correlating threat feeds and indicators of compromise (IOCs) against real-time alerts in the SIEM platform.
Job Skills and Competencies
▪ Understanding of common security standards and regulations relating to information systems (e.g., PCI DSS, ISO 27001, COBIT, NIST)
▪ Demonstrate exposure to incident detection and escalation, service request handling, vulnerability identification and containment actions
▪ Experience working in multi-disciplinary teams (IT, Risk, Audit, Compliance) to ensure coordinated response.
▪ Strong knowledge of network protocols, log analysis and intrusion detection systems (IDS/IPS).
▪ Experience with endpoint detection and response (EDR) tools; familiarity with threat intelligence feeds, correlation rules and basic forensic analysis.
▪ A strong understanding of common security standards and regulations relating to information systems as well as risk related control frameworks and practices such as ITIL, ISO, COBIT, NIST Cyber Security
Qualifications and Experience
▪ Bachelor’s Degree in ICT, Computer Science, Information Systems, Cybersecurity, or equivalent discipline.
▪ Must have at least one of the following certifications: CISM; CISSP; CEH; CHFI; CompTIA Security+; GIAC Security Essentials (GSEC); SANS Cyber Incident Response (CIR); GIAC Cyber Threat Intelligence (GCTI); COBIT; ISO 27001; ITIL; or a comparable security certification.
▪ Minimum of three (3) years' experience in ICT, of which one (1) year should be in ICT security, or equivalent experience in areas such as ICT Risk Management or ICT Audit
Interested candidates should submit applications, accompanied by a detailed Curriculum Vitae, by 19 May 2026. All applications should be emailed to ZimraRecruitment@zimra.co.zw with the position title clearly stated in the email subject line, e.g. Head ICT Operations & Service Delivery – ICT Level 5. The applications should be addressed to:
Director Human Capital
Zimbabwe Revenue Authority
6th Floor ZB Centre
Corner First Street / Kwame Nkrumah Avenue
P. O. Box 4360
HARARE
Please note that only shortlisted applicants will be responded to and females are encouraged to apply.