View more 3 weeks ago
NSSA is an organisation undergoing a transformation journey to position itself as a modern and relevant entity that delivers real value to its members through responsive social security services. In addition, we strive to stimulate economic activity, generate foreign currency, and create jobs for the benefit of Zimbabweans.
The new NSSA conducts its business in an honest, accountable, and transparent manner and we seek to recruit like-minded individuals in the following areas:
Reporting to the Applications Security Analyst, the successful candidate supports the organisation’s data protection and information security programme by implementing and monitoring controls that safeguard sensitive information. The role focuses on internal controls, data classification, data loss prevention and data retention controls, ensuring alignment with the Cyber and Data Protection Act (CDPA), ISO 27001 and internal ICT security policies through continuous monitoring, data protection operations, incident response and the application of security controls.
Job Summary
- Type: contract
- Location: Harare
- Category: Information Security
- Closing Date: 2026-06-05
Key Responsibilities
- Guides implementation of CDPA and internal data protection requirements by interpreting policy obligations, determining when DPIAs are required, coordinating compliance activities with departments, and ensuring personal data processing follows approved Authority standards across the data lifecycle.
- Applies privacy-by-design and security-by-design principles to new systems, procurement, digital initiatives and process changes, ensuring personal data risks are identified, assessed, and mitigated throughout the entire data lifecycle.
- Oversees monitoring of data-related security alerts, advises on containment and escalation of incidents, coordinates investigative activities with affected units, and ensures breach notification and remediation comply with CDPA and internal policies.
- Evaluates vulnerabilities that may expose personal or sensitive information, recommends riskaligned remediation priorities, advises technical teams on corrective measures, and ensures systems handling personal data maintain secure configurations.
- Interprets and applies access control and leastprivilege policies, supports access reviews for systems handling sensitive and personal information align with privacy and security requirements. personal data is safeguarded from unauthorised access.
- Implements and configures data protection and security controls – including DLP, endpoint protection, email filtering, access controls and secure system settings – to ensure systems handling personal and sensitive information align with privacy and security requirements.
- Assesses privacy and data protection risks associated with vendors, service providers and datasharing arrangements, ensuring external parties comply with Authority data protection standards and contractual requirements.
- Promotes responsible data handling by coordinating awareness programmes, advising departments on privacy responsibilities, and reinforcing behaviours that support a strong data protection culture across the Authority.
Requirements
- Degree in Computer Science, Information Systems, Software Engineering, ICT Cybersecurity or equivalent.
- Data Protection Officer Certification is mandatory.
- At least one of the following certifications is required: ISO 27001 Lead Implementer, CDPSE, CEH, CISA, CIPM, CISSP or Security+ Experience.
- A minimum of 3 years’ experience in information security, data protection operations, or ICT security.
How to Apply
Interested candidates should apply online using NSSA website (www.nssa.org.zw) on the following link www.nssa.org.zw/careers
To reach not later than close of business on Friday 5th June 2026.
About the Company
In Zimbabwe the National Social Security Authority (NSSA), constituted and established in terms of the NSSA Act of 1989, Chapter 17: 04 DOWNLOAD: NATIONAL SOCIAL SECURITY AUTHORITY ACT 17 04 (PDF 128.4 KB), is the statutory corporate body tasked by the Government to provide social security. The provision of social security can be defined as instituting public policy measures intended to protect an individual in life situations or conditions in which his/her livelihood and well being may be threatened, such as those engendered by sickness, workplace injuries, unemployment, invalidity, old age, retirement and death. It is based on the principle of social solidarity and pooling of resources and risks, involving drawing of savings from periods of employment, earnings and good health to provide for periods of unemployment, old age, invalidity and death. At the moment NSSA is administering two schemes: Pension and Other Benefits Scheme and Accident Prevention and Workers’ Compensation Scheme, although, in an endeavor to provide a more comprehensive social security package for the Zimbabwean society, groundwork for the introduction of more schemes is underway.