Back to Jobs
149

Network Security Engineer

Company: Roshan (TDCA)
Education: Bachelor's Degree
Location: Kabul
Work Duration: Full Time
Gender: Any
Announcement Date: 16 Apr, 2025
Closing Date: 16 May, 2025
Reference No: 007
Number of Vacancies: 1
Salary: According to the company's salary structure.
Experience: Four years of experience
Probationary Period: Three months
Contract Type: Permanent
Submission Email: hr@roshan.af
About Roshan (TDCA)

Roshan (Telecom Development Company Afghanistan Ltd) is the leading telecommunications provider in Afghanistan, offering coverage in more than 230 cities and towns and serving around 3.5 million active subscribers. The company employs over 1,100 people directly and supports over 25,000 through indirect employment. Since its launch six years ago, Roshan has invested roughly $430 million in Afghanistan, making it the country’s largest investor and taxpayer. Committed to Afghanistan’s reconstruction and socio-economic progress, Roshan counts the Aga Khan Fund for Economic Development (AKFED)—a part of the Aga Khan Development Network (AKDN)—as a key shareholder. AKFED focuses on fostering private sector growth and building sustainable enterprises in developing regions. Roshan is also partially owned by Monaco Telecom International (MTI) and TeliaSonera, combining international expertise with a dedication to delivering top-tier network quality and coverage across Afghanistan.

Job Summary

Ensuring the confidentiality, integrity, and availability of corporate information.

Job Responsibilities

The Network Security Engineer reports to the Information Security Manager and is responsible for the following key duties:

1. Network Security Implementation

  • Design, implement, and maintain robust security infrastructure, including network segmentation and Privileged Access Management, involving firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other critical security devices.
  • Enforce and manage network access controls to prevent unauthorized access and ensure alignment with security policies.
  • Deploy, configure, and administer Security Information and Event Management (SIEM) systems to collect, analyze, and correlate data from diverse sources.
  • Develop and optimize SIEM rules and correlation logic for accurate threat detection and timely incident response.
  • Monitor SIEM alerts, investigate anomalies, and respond promptly to potential security threats.

2. Security Policy Development

  • Develop, maintain, and enforce comprehensive security policies and procedures to safeguard against security risks.
  • Stay current with industry best practices and emerging threats to continuously enhance security frameworks.

3. Vulnerability Assessment and Penetration Testing

  • Perform routine vulnerability assessments to identify and remediate weaknesses in the network infrastructure.
  • Conduct penetration testing to simulate cyber-attacks and uncover exploitable vulnerabilities.

4. Security Compliance

  • Ensure compliance with relevant industry standards and regulatory frameworks, including ISO 27001 and NIST.
  • Collaborate with internal and external auditors to demonstrate adherence to security policies and procedures.

5. Network Monitoring and Optimization

  • Manage SIEM systems for continuous, real-time network and security monitoring.
  • Optimize network performance while maintaining stringent security measures.
Job Requirements

Number of Direct Reports and Their Positions:

  1. Information Security Manager
  2. IT Director

This position requires frequent interaction with:

  1. Internal Stakeholders: All business units handling Roshan's information.
  2. External Stakeholders: Vendors and service providers who interact with or process Roshan’s sensitive information.

Academic Qualifications

  1. A Bachelor’s degree is required (preferably in Computer Science, Cybersecurity, or a related field).
  2. Professional certifications such as CCNA, CCNP Security, OSCP, or equivalent are mandatory.

Experience

  • Minimum of 4 years of experience in information security, information technology, or a related field.

Skills and Competencies

  1. Bachelor's or master’s degree in Computer Science, Cybersecurity, or a related field.
  2. Proven experience in penetration testing, ethical hacking, or red teaming engagements.
  3. Strong knowledge of cybersecurity vulnerabilities, attack vectors, and exploitation techniques.
  4. Proficiency with endpoint protection, Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR).
  5. Skilled in using security tools such as Metasploit, Burp Suite, Nessus, and Nmap.
  6. Solid understanding of network protocols, operating systems, and web application security.
  7. Familiarity with security frameworks and methodologies including OWASP, MITRE ATT&CK, and PTES.
  8. Strong analytical and problem-solving skills, with the ability to think both creatively and strategically to identify and exploit vulnerabilities.
  9. Excellent documentation and communication skills, capable of presenting complex technical information to both technical and non-technical stakeholders.
  10. A mindset geared toward continuous learning and staying current with emerging threats, vulnerabilities, and security technologies.
  11. Additional certifications such as OSCE, GPEN, or GXPN are highly desirable.

Submission Guideline

Interested candidates are invited to submit their CVs to the following email address:

📧 hr@roshan.af

Back to Jobs