Summary
Date Posted: Tuesday, April 12, 2022 , Base Salary: Not Disclosed

JOB DETAILS:
IT Security Risk Manager (1 Position)
dfcu Bank is a fast-growing Bank in Uganda offering a wide range of financial solutions to its chosen market segments. We are seeking to recruit for the position IT Security Risk Manager in our CRO domain to support our expansion strategy.
JOB PURPOSE:
Reporting to the Head of Operational Risk Management, the role holder will be responsible for upholding confidentiality, integrity, and availability of the information technology environment by ensuring responsibility for ongoing risk assessment, evaluation of appropriate security controls, development and monitoring of policies and standards, security awareness and proactive compliance with industry regulations related to information security.
LOCATION: Kampala

KEY ACCOUNTABILITIES:
• Work closely with Information Technology professionals responsible for user security and access controls to review privileged levels of access and changes to the technology environment for risk.
• Oversight of the vulnerability management program.
• Develop the information security workplan, policies and standards in conjunction with the technology team within the Bank.
• Develop and maintain information security risk assessments designed to evaluate inherent risks, controls, and residual risks. Effectively advocate within the business for security controls that mitigate unacceptable risks.
• Oversee security awareness activities for bank employees and customers. Ensure that bank culture maintains a commitment to security.
• Support the first line to design, implement, and maintain the organization’s cybersecurity plan and perform assurance checks on this plan.
• Perform assessment of security controls and evaluate results relative to risk assessment.
• Work with Information Technology and other business unit stakeholders during project and product development efforts and work as well with Business Technology to ensure that appropriate security controls are considered during vendor selection and development efforts.
• Monitor regulations and technology trends that affect financial institutions. Evaluate compliance and develop plans for compliance with regards to information security. Educate bank employees and act as a champion for compliance throughout the bank.
• Establish and maintain successful external relationships with security technology and service providers, industry experts, local law enforcement, industry consortiums, and regulatory agencies.
• Ensure the integrity of Information Security controls in the business through enforcement of self-assessments (RCSA/KRIs) and giving prompt feedback to the first line of defence. Actively participate in a robust review and challenge process with technology inclined units on their Risk & Control Self Assessments and overall performance.
• Follow up and ensure that all Technology related Internal/External Audit and BOU inspection findings have been fully resolved and that no repeat findings arise in subsequent audits.
• Conduct periodic risk-based Unit assurance reviews to monitor how effective their risk management practices are and recommend remedial actions where there are control weaknesses.
• Support the bank’s digital strategy by performing the quality assurance role on bank projects while ensuring any risks/threats to the bank’s technology platforms are proactively identified and advised to the Head of Operational Risk Management or CRO.
• Coordination of the bank’s Business Continuity Management activities including review of the Disaster Recovery Plan, testing of this plan and quality assurance of the same.
• Monitoring and review of IT related SLAs.
• Develop and maintain a procedure for monitoring system support and performance levels.

KNOWLEDGE, SKILLS, AND EXPERIENCE REQUIRED:
• Bachelors or Graduate degree with sufficient background in information security and business management disciplines.
• Professional digital security certifications in relevant technologies such as Cisco, Microsoft, CISSP, Unix / Linux will be an added advantage.
• 7 years’ working experience of which 3 should be in an information security related role.
• Experience managing projects and programs to achieve information security objectives.
• Demonstrated exceptional written and verbal communication skills.
• Understanding of current technology and regulatory trends affecting financial institution information security programs.
• Excellent interpersonal skills and the ability to work effectively with people in a wide range of positions and levels.
• Demonstrated ability to analyze security and technology control effectiveness.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good analytical decision making skills to enable the effective handling of all systems while retaining the integrity of data.
• Ability to be proactive and lead cross-functional teams to achieve information security objectives.
• Good report writing techniques in order to review and redesign operational and management information reports to suit departmental reporting purposes.
• nix / Linux will be an added advantage.
• Excellent communications and engagement skills.
• Strong attention to detail and personal effectiveness.
• High-level of integrity and standards.
• Self-drive and initiative.
• Customer Dedication and Community Immersion.
• Ability to build relationships.
• Team Player.
• Creative Initiative.
• Unafraid to take responsibility, partner with the business whilst retaining independence to provide challenge to the business.
• Ability to work effectively with local contemporaries and peers in other clusters and regions to maintain a collaborative culture.

Work Hours: 8

Experience in Months: 84

Level of Education: Bachelor Degree

Job application procedure
If you believe you meet the requirements as noted above, please forward your application with a detailed CV including present position and copies of relevant professional/academic certificates (University Transcript, O & A level), by close of business on Tuesday 19th April 2022 to the email address indicated below;
Vacanciesbank@dfcugroup.com 

All Jobs

QUICK ALERT SUBSCRIPTION