Application Security Specialist×3

Position: Application Security Specialist – ICT, Level 8
Vacancies: 3

Key Responsibilities
1. Implement and manage application security controls, including secure coding standards, vulnerability scanning, and patch verification.
2. Assess, prioritize, and resolve application security alerts, maintain records of known issues, and track trends over time.
3. Keep updated records, audit trails, and compliance documentation for application security in line with ICT policy.
4. Identify application vulnerabilities, escalate unresolved risks, and propose mitigation measures to the Security Architecture Manager.
5. Maintain an updated inventory of enterprise applications, check patch status, and ensure secure configuration settings are applied.
6. Capture lessons from security incidents, update secure coding guidelines, and contribute to the organization’s knowledge base.
7. Enforce application security standards, conduct peer reviews, and support continuous improvement while ensuring compliance.
8. Guide developers, trainees, and interns on secure coding practices, support skills development, and update skills matrices quarterly.
9. Report systemic risks, suggest mitigation actions, maintain the risk register, and track resolution progress.
10. Participate in cybersecurity exercises such as red team/blue team simulations and disaster recovery tests.
11. Carry out additional duties as assigned by the Security Architecture Manager.

Job Skills and Competencies
1. Experience with application security testing tools such as OWASP ZAP, Burp Suite, and Veracode.
2. Knowledge of secure coding practices across languages including Java, .NET, PHP, and Python.
3. Experience collaborating with multidisciplinary teams in IT, Risk, Audit, and Compliance to coordinate responses.
4. Ability to work independently under pressure, including in environments requiring 24/7 monitoring.
5. Strong communication and presentation skills, with the ability to work effectively in collaborative settings.
6. Good planning and time management capabilities.
7. Able to work with minimal supervision.
8. Solid organizational and people management skills.

.

Qualifications and Experience
1. Degree in Computer Science, Information and Communication Technology, or a related discipline.
2. Hold at least one certification such as CISA, CISM, CISSP, Certified Secure Software Lifecycle Professional, OWASP Application Security Verification Standard Practitioner, or an equivalent security certification.
3. Minimum 3 years’ experience in ICT, with at least 1 year in ICT security, application development, application security, or software development assurance
How to Apply
Send your application with a detailed CV to ZimraRecruitment@zimra.co.zw by 19 May 2026. Put the job title in the email subject line, for example: Head ICT Operations & Service Delivery – ICT Level 5.

Address applications to:
Director Human Capital
Zimbabwe Revenue Authority
6th Floor ZB Centre
Corner First Street / Kwame Nkrumah Avenue