IT Career Jobs – Information Security Compliance Manager at National Information Technology Authority-Uganda (NITA-U)

Job
Title: Information Security
Compliance Manager

Organization: National Information Technology
Authority-Uganda (NITA-U)
Reports to: Director – Information
Security
Salary Scale: N/MA/N3

About
NITA-U:

The National Information Technology Authority-Uganda (NITA-U) was established
as a statutory body under the National Information Technology Authority, Uganda
Act, 2009 as one of the key players in the Information and Communications
Technology Sector. Its mandated is to coordinate, promote and monitor IT
development within the context of national social and economic development,
with a vision as “a facilitator of a knowledge-based, globally competitive
Uganda where social transformation and economic development is supported
through IT enabled services.”


Job Summary: The Manager will
possess the primary responsibility for a comprehensive security program that
includes information security policies, compliance, and governance.

Key
Duties and Responsibilities:

  • Serves
    as the subject matter expert in the development, implementation, and
    maintenance of information related to all aspects of compliance.
  • Partners
    with internal teams to manage control oversight, testing, gap analysis,
    remediation tracking, compliance documentation and evidence collection.
  • Identify
    opportunities and develops tactical and strategic solutions for enterprise
    service delivery to meet regulatory compliance requirements in a holistic
    manner.
  • Complete
    risk assessments and perform in-depth analysis of mitigating controls and
    financial risk, and documenting the risk.
  • Provide
    expert advice, ensuring compliance, and conformance, on information risk
    analysis/management.
  • Develop,
    implement and enforce suitable and relevant information security policies,
    ensuring that these are compliant with legislations and regulations
    related to information security; reviewing policies on a regular basis.
  • Develop
    and implement, together with suitable materials, an information security
    awareness and training programme.
  • Contribute
    to Business Continuity planning, training and processes.
  • Investigate
    suspected and actual breaches of security and undertake reporting/remedial
    action as required.
  • Maintain
    a log of any incidents and remedial recommendations and actions.
  • Continuously
    assess the shortfall between both actual security measures in place and
    being effective and those established at a policy level thus highlighting
    deficiencies for remedial action.
  • Establish
    and maintain a register of data owners for sets of information (e.g. paper
    files, databases) and educate the data owners on their responsibilities
    (what is the data, how is it used, who has access to it).
  • Maintain
    Risk, Issue and Change registers for information security.
  • Offer
    advice and take action, where necessary, in response to Audit findings and
    recommendations in respect of information security.
  • Develop
    and implement a corporate culture of compliance and information security.

 

Qualifications,
Skills and Experience:

  • The
    applicant should possess a Bachelor’s degree in Computer Science,
    Information Technology, Information Science, Information Systems information
    Security or a related field from a recognized university
  • A
    Certified Information Systems Security Professional (CISSP) or Certified
    Information Security Manager (CISM) or Certified Information Security
    Auditor (CISA) credential is an added advantage
  • A
    post graduate in a relevant field will be an added advantage.
  • The
    applicant should possess at least three years’ experience in regulatory
    compliance oversight or information risk management.
  • Networking
    and Operating Systems certifications / credentials.
  • Wide
    understanding of  information security
    knowledge and experience
  • Proficiency
    working with recognized IT Security-related standards, technologies,
    principles, and practices (including ISO17799/27001).
  • Significant
    broad IT experience, at least some of which has been in a security role.
  • Thorough
    understanding of security requirements of Sarbanes-Oxley, ISO Certifications
    and Data Privacy laws.
  • Working
    knowledge of applicable laws and the law enforcement community.
  • Project
    management, collaboration, communication and organizational skills.
  • Ability
    to work on own initiative as well as in a team;
    Excellent business acumen;
  • Capacity
    to establish credibility, and trust and partnership;
    Analytical and problem –solving skills;
  • Excellent
    interpersonal and communication and report writing skills;
  • Experience
    with business continuity/disaster recovery planning and auditing.
    Experience in the development and delivery of training material.
  • Experience
    in Open Systems, Internet and network security products and platforms,
    including intrusion detection/prevention, incident response and
    investigation, vulnerability assessments, data loss prevention and
    penetration testing

 

How
to Apply:

All suitably qualified and
interested candidates who meet the job requirements/specifications and with the
right personal attributes are invited to submit their application form (which
can be down loaded from the NITA-U official website www.nita.go.ug), with a
cover letter, curriculum vitae, and must specify day time telephone contact, postal
and email addresses of both the applicant and three referees, copies of
certificates and testimonials to the address below. Applicants must also submit
with their application verifiable evidence supporting previous relevant
appointments such as appointment letters and employment contracts.).

 

NB:
No application will be accepted without a duly signed standard application
form.

 

The Executive Director,
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038

Or via email: hr@nita.go.ug This e-mail
address is being protected from spambots. You need JavaScript enabled to view
it



Deadline:
14th October, 2013 by 5 PM

 

For
More Ugandan Jobs, Please Visit https://www.theugandanjobline.com   or
find us on our facebook page https://www.facebook.com/UgandanJobline

Related Jobs