IT Security Specialist- Governance job at dfcu Bank
Website :
891 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
IT Security Specialist- Governance

[ Type: FULL TIME , Industry: Banking , Category: Computer & IT ]

Jobs at:

dfcu Bank

Deadline of this Job:
29 July 2022  

Duty Station:
Within Uganda , Kampala , East Africa

Summary
Date Posted: Tuesday, July 19, 2022 , Base Salary: Not Disclosed

Similar Jobs in Uganda
Learn more about dfcu Bank
dfcu Bank jobs in Uganda

JOB DETAILS:

dfcu Bank is a fast-growing Bank in Uganda offering a wide range of financial solutions to its chosen market segments. We are seeking to recruit for the role of IT Security Specialist- Governance in our Chief Operations Officer (COO) domain to support our expansion strategy.

REPORTING TO: Manager- IT Security, Standards and Architecture

JOB PURPOSE:
Reporting to the Manager- IT Security, Standards and Architecture, the role holder is responsible for conducting independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls. Works with technical teams and service providers to assess, identify and provide appropriate security mechanisms and solutions to be integrated into the bank’s systems operations and make recommendations for implementation.

KEY ACCOUNTABILITIES:
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
• Assess all the configuration management (change configuration/release management) processes including Performing risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Provide input to the Risk Management Framework and compliance process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
• Monitor targets and Key Risk Indicators across the IT function and report the violation of risk policy with proposal of appropriate measures.
• Facilitate and support the audit management process. Activities include coordinate IT based Audit assignments, audit issue consolidation, resolution, and closure.
• Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network and ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization’s mission and goals.
• Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated, as necessary.
• Monitor, document and ensure resolution of all cyber/ information security incidents, implement incident handling and escalation procedures, and report all incidents to IT Security Manager, standards and Architecture, Head BT, and Operation Risk.

QUALIFICATIONS, EXPERIENCE and COMPETENCIES REQUIRED:
• A minimum qualification of a Bachelor’s Degree in Computer Science, Information Technology, or a related numerical sciences degree.
• Information Security and /or Information Technology industry certification (CISSP, CISM, CEH, CISSP-ISSMP, CISA, CRISC or GIAC equivalent) strongly preferred.
• At least 5 years’ experience with a minimum of 3 years exposure to reviewing and advancing Information Security in a bank/ financial services environment.
• Experience in assessing and mitigating technology risk (Solid understanding of Risk Management processes)
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of the ISO 27002 Standard and PCI DSS.
• Knowledge of applicable business processes and operations of customer organizations.
• Knowledge of Cyber-Defense and vulnerability assessment tools and their capabilities.
• Knowledge of cryptography and cryptographic key management concepts.
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
• Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
• Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
• Skill in applying security controls.
• Advanced Business Architectural & IT Security skills.
• Analytical Thinking & Inductive Reasoning.
• Planning and Organization.
• Problem Solving.
• Strategic Perspective – Establish priorities, challenging goals and measurements consistent with these goals and organizational vision.
• Critical Judgement and Decision-Making – Define issues and focus on achieving workable solutions to obstacles.
• Good Communicator – Presents ideas effectively, clearly, and concisely both orally and in writing.
• Leadership and Interpersonal Skills – Create a culture of continuous development and ownership with self and the team.
• Inspire Commitment –Actions and behaviors are consistent with words.
• Self-Development – Pursues positive change in self and organization. Drives own personal development plan.


Work Hours: 8


Experience in Months: 60

Level of Education:
Bachelor Degree

Job application procedure

If you believe you meet the requirements as noted above, please forward your application with a detailed CV including present position and copies of relevant professional/academic certificates (University Transcript, O & A level), by close of business on Friday 29th July 2022 to the email address indicated below.

Vacanciesbank@dfcugroup.com 
dfcu Bank is committed to give equal opportunities in employment and aims to ensure that it does not discriminate against gender or race. Only short-listed candidates will be contacted through +256 312 300391.
Disclaimer: dfcu Bank does not solicit/accept payment in cash/kind from prospective candidates in exchange for shortlisting or job placement. Any candidate who engages in this kind of transaction is aiding and abetting fraud and will be automatically disqualified.


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Uganda
Job Type: Full-time
Deadline of this Job: 29 July 2022
Duty Station: Kampala
Posted: 19-07-2022
No of Jobs: 1
Start Publishing: 19-07-2022
Stop Publishing (Put date of 2030): 20-07-2066
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.