JOB DETAILS:

Job Summary:

ABC is seeking a highly skilled Information Security and Quality Assurance Engineer to join our Risk and Compliance team in Uganda. The role requires a unique blend of security expertise and hands-on QA/testing capabilities to ensure that our systems, platforms, and applications are secure, resilient, and perform reliably.

The successful candidate will be responsible for designing and implementing security controls, conducting vulnerability assessments, and leading QA efforts across feature testing, integration testing, and regression testing. This hybrid role is critical to safeguarding our IT infrastructure while ensuring that product releases meet the highest quality and compliance standards. It bridges the gap between security and quality, ensuring that ABC delivers secures, compliant, and reliable financial technology products to our clients and partners.

Key Duties and Responsibilities:

Information Security (60%)

1. 1. Design, implement, and maintain security frameworks aligned with ISO 27001, PCI DSS, and local regulatory requirements (e.g., Bank of Uganda).
   2. Perform regular vulnerability assessments, penetration testing & reviews, and security audits across infrastructure and applications.
   3. Monitor and manage security monitoring tools (e.g., SIEM, IDS/IPS, PAM, endpoint protection).
   4. Work with engineering teams to embed security into the SDLC, including code reviews and DevSecOps pipelines.
   5. Investigate and respond to security incidents, breaches, or anomalies, providing root cause analysis and remediation steps.
   6. Support compliance reporting and audits with external regulators, partners, and vendors.

Quality Assurance & Testing (40%)

1. Lead QA efforts across feature testing, integration testing, and regression testing.
2. Develop and execute manual and automated test cases to ensure system reliability and quality.
3. Validate new features, system integrations, and updates before production release.
4. Build and maintain automated regression testing suites for critical platforms.
5. Collaborate with product and engineering teams to ensure all releases are secure, stable, and high-quality.
6. Identify, document, and track bugs/issues through resolution using standard defect management tools (e.g., JIRA, Azure DevOps).

Job Requirements:

Qualifications & Skills

Education & Experience

1.      Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.

2.      2–4 years of combined experience in Information Security or Security Engineering and hands on QA/ testing experience, preferably in fintech, banking, or SaaS platforms.

Technical Skills

1.      Strong understanding of network security, firewalls, VPNs, encryption, IAM, and PAM tools.

2.      Experience with security compliance frameworks (ISO 27001, PCI DSS, NIST, GDPR).

3.      Knowledge of application security testing tools (e.g., OWASP ZAP, Burp Suite, Nessus).

4.      Proficiency in QA methodologies, tools, and frameworks (e.g., Selenium, JUnit, TestNG, Postman).

5.      Hands-on experience with integration and regression testing in distributed/microservices environments.

6.      Familiarity with cloud platforms (AWS, Azure, GCP) and DevSecOps pipelines.

Soft skills

1.      Strong analytical and problem-solving skills.

2.      Excellent communication and documentation skills.

3.      Ability to work cross-functionally with IT, product, and operations teams.

4.      Self-driven, detail-oriented, and capable of working independently with minimal supervision.

5.      Ability to balance security and product delivery priorities in a fast-paced environment.

Preferred (Nice to have)

1. Relevant certifications such as CISSP, CEH, CISM, CompTIA Security+, ISTQB, or Certified QA Engineer.
2. Experience in banking, fintech, or regulated financial services environments.
3. Exposure to automated compliance monitoring and AI-driven QA/security tools.

Benefits:

• Hands-on experience in Information Security and Quality Assurance within the fintech sector.
• Exposure to banking and payment systems operations.
• Career growth and professional development.
• Opportunity to be part of a dynamic team and build a professional network.