20 – Cybersecurity Specialist

Job Description

Company: Tunga

We are looking for an experienced Cybersecurity Specialist for our client, a social enterprise in the health sector operating across multiple African countries. Following a recent coordinated cyberattack, the immediate priority is to remediate residual vulnerabilities in a health application and establish a stronger, long-term security posture. This is a phased engagement – starting with urgent remediation, progressing through a full vulnerability assessment and penetration testing programme, and culminating in an ongoing biannual security retainer.
Key Responsibilities
• Review and implement outstanding security recommendations on a compromised health application, confirm the attack vector is fully closed, and verify no backdoors or persistence mechanisms remain
• Conduct a comprehensive vulnerability assessment across all in-scope assets including the public-facing website, health application, product application, supporting APIs, backend services, and data stores
• Identify vulnerabilities across authentication and session management, injection risks, insecure data storage and transmission, access control and privilege escalation, security misconfigurations, and outdated components
• Execute internal and external penetration tests to validate exploitability of identified weaknesses and model the real-world threat landscape
• Deliver clear, structured reports including a remediation confirmation report, vulnerability assessment report, penetration test report, and a prioritized remediation roadmap
• Propose and support the establishment of an ongoing biannual security review and advisory retainer
Required Skills and Experience
• Proven hands-on experience conducting vulnerability assessments and penetration testing (both internal and external) across web and/or mobile applications
• Strong knowledge of common vulnerability domains: injection attacks, authentication weaknesses, access control flaws, insecure data handling, and security misconfigurations
• Experience assessing APIs, backend services, and supporting infrastructure
• Ability to implement security fixes directly and provide clear remediation guidance to engineering teams
• Experience in healthcare, NGO, or social enterprise environments – particularly involving sensitive health data – is a strong advantage
• Strong written communication skills: able to produce reports that are accessible to non-technical leadership while retaining sufficient technical depth for engineering partners

Source: DailyRemote