Job Title: IT Security Risk Manager
Organisation: DFCU Bank
Duty Station: Kampala, Uganda
Reports to: Head of Risk and Compliance
DFCU Limited was started by the Commonwealth Development Corporation (CDC) of the United Kingdom and the Government of Uganda through the Uganda Development Corporation (UDC) under the name of Development Finance Company of Uganda Limited. Later restructuring brought in DEG (of Germany) and International Finance Corporation (IFC) as equal partners with CDC and UDC, each having a 25% stake in the company. Its objective was to support long-term development projects whose financing needs and risk did not appeal to the then existing financial commercial lending institutions.
Job Summary: The IT Security Risk Manager will be responsible for ensuring confidentiality, integrity and availability of the information technology environment wherein conducting periodic risk assessments, evaluations of appropriate security controls, security awareness and proactive compliance with industry regulations in regards to information security.
Key Duties and Responsibilities:
- Work collaboratively wit h other information technology professional responsible for user security and access controls to review levels of access and changes to the technology environment for risk
- Offer oversight of the Vulnerability Management program
- Develop the information security strategy in conjunction with the technology group within the bank.
- Develop and maintain Information Security risk assessments designed to evaluate inherent risks, controls and residual risks.
- Do regular assessments of security controls and evaluate results relative to risk assessment.
- Ensure that bank culture maintains a commitment to security.
- Develop effective Information Security policies and standards whilst working with the IT department.
- Monitor compliance and develop plans for compliance with regards to Information Security.
- Establish and maintain successful external relationships with security technology and service providers, industry experts, local law enforcement, industry consortiums and regulatory agencies.
- Evaluate compliance and develop plans for compliance with regards to Information Security
- Educate bank employees and act as a champion for compliance throughout the dfcu bank.
- Advocate for security controls that mitigate unacceptable risks within dfcu bank.
- Supervise security awareness activities for bank employees and customers.
- Perform any other related duties as assigned or requested.
Qualifications, Skills and Experience:
- The candidate should possess a relevant Bachelor’s Degree with a significant background in Information Security and Business Management or any other related discipline.
- At least three years of relevant information security experience
- Good understanding and knowledge of the current technology and regulatory trends affecting financial institution Information Security programs
- Experience managing projects and programs to achieve Information Security Objectives.
- Proven exceptional communication skills i.e. both written and verbal
- Proven ability to analyse security and technology control effectiveness
- Latest working knowledge on technology trends in multiple facets
- Ability to prioritise and multi-task in a high pressure environment
- Excellent interpersonal skills i.e. ability to work with a variety of people with different proficiencies in Information Security
How to Apply:
All candidates with the necessary credentials are required to send a cover letter, CV with the relevant copies of academic certificates to the: Head of Human Resources, dfcu Bank, 2nd Floor, Jinja Road, P.O. Box 70, Kampala, Uganda.
Deadline: 31st December, 2013