IT Career Jobs – Information Security Compliance Manager at National Information Technology Authority-Uganda (NITA-U)

Title: Information Security
Compliance Manager

Organization: National Information Technology
Authority-Uganda (NITA-U)
Reports to: Director – Information
Salary Scale: N/MA/N3


The National Information Technology Authority-Uganda (NITA-U) was established
as a statutory body under the National Information Technology Authority, Uganda
Act, 2009 as one of the key players in the Information and Communications
Technology Sector. Its mandated is to coordinate, promote and monitor IT
development within the context of national social and economic development,
with a vision as “a facilitator of a knowledge-based, globally competitive
Uganda where social transformation and economic development is supported
through IT enabled services.”

Job Summary: The Manager will
possess the primary responsibility for a comprehensive security program that
includes information security policies, compliance, and governance.

Duties and Responsibilities:

  • Serves
    as the subject matter expert in the development, implementation, and
    maintenance of information related to all aspects of compliance.
  • Partners
    with internal teams to manage control oversight, testing, gap analysis,
    remediation tracking, compliance documentation and evidence collection.
  • Identify
    opportunities and develops tactical and strategic solutions for enterprise
    service delivery to meet regulatory compliance requirements in a holistic
  • Complete
    risk assessments and perform in-depth analysis of mitigating controls and
    financial risk, and documenting the risk.
  • Provide
    expert advice, ensuring compliance, and conformance, on information risk
  • Develop,
    implement and enforce suitable and relevant information security policies,
    ensuring that these are compliant with legislations and regulations
    related to information security; reviewing policies on a regular basis.
  • Develop
    and implement, together with suitable materials, an information security
    awareness and training programme.
  • Contribute
    to Business Continuity planning, training and processes.
  • Investigate
    suspected and actual breaches of security and undertake reporting/remedial
    action as required.
  • Maintain
    a log of any incidents and remedial recommendations and actions.
  • Continuously
    assess the shortfall between both actual security measures in place and
    being effective and those established at a policy level thus highlighting
    deficiencies for remedial action.
  • Establish
    and maintain a register of data owners for sets of information (e.g. paper
    files, databases) and educate the data owners on their responsibilities
    (what is the data, how is it used, who has access to it).
  • Maintain
    Risk, Issue and Change registers for information security.
  • Offer
    advice and take action, where necessary, in response to Audit findings and
    recommendations in respect of information security.
  • Develop
    and implement a corporate culture of compliance and information security.


Skills and Experience:

  • The
    applicant should possess a Bachelor’s degree in Computer Science,
    Information Technology, Information Science, Information Systems information
    Security or a related field from a recognized university
  • A
    Certified Information Systems Security Professional (CISSP) or Certified
    Information Security Manager (CISM) or Certified Information Security
    Auditor (CISA) credential is an added advantage
  • A
    post graduate in a relevant field will be an added advantage.
  • The
    applicant should possess at least three years’ experience in regulatory
    compliance oversight or information risk management.
  • Networking
    and Operating Systems certifications / credentials.
  • Wide
    understanding of  information security
    knowledge and experience
  • Proficiency
    working with recognized IT Security-related standards, technologies,
    principles, and practices (including ISO17799/27001).
  • Significant
    broad IT experience, at least some of which has been in a security role.
  • Thorough
    understanding of security requirements of Sarbanes-Oxley, ISO Certifications
    and Data Privacy laws.
  • Working
    knowledge of applicable laws and the law enforcement community.
  • Project
    management, collaboration, communication and organizational skills.
  • Ability
    to work on own initiative as well as in a team;
    Excellent business acumen;
  • Capacity
    to establish credibility, and trust and partnership;
    Analytical and problem –solving skills;
  • Excellent
    interpersonal and communication and report writing skills;
  • Experience
    with business continuity/disaster recovery planning and auditing.
    Experience in the development and delivery of training material.
  • Experience
    in Open Systems, Internet and network security products and platforms,
    including intrusion detection/prevention, incident response and
    investigation, vulnerability assessments, data loss prevention and
    penetration testing


to Apply:

All suitably qualified and
interested candidates who meet the job requirements/specifications and with the
right personal attributes are invited to submit their application form (which
can be down loaded from the NITA-U official website, with a
cover letter, curriculum vitae, and must specify day time telephone contact, postal
and email addresses of both the applicant and three referees, copies of
certificates and testimonials to the address below. Applicants must also submit
with their application verifiable evidence supporting previous relevant
appointments such as appointment letters and employment contracts.).


No application will be accepted without a duly signed standard application


The Executive Director,
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038

Or via email: This e-mail
address is being protected from spambots. You need JavaScript enabled to view

14th October, 2013 by 5 PM


More Ugandan Jobs, Please Visit   or
find us on our facebook page

Leave a Reply

Your email address will not be published.