Job Title: NSSF Student Internship 2024 (40 No Experience Fresh…
IT Career Jobs – Information Security Compliance Manager at National Information Technology Authority-Uganda (NITA-U)
Job
Title: Information Security
Compliance Manager
Organization: National Information Technology
Authority-Uganda (NITA-U)
Reports to: Director – Information
Security
Salary Scale: N/MA/N3
Authority-Uganda (NITA-U)
Reports to: Director – Information
Security
Salary Scale: N/MA/N3
About
NITA-U:
The National Information Technology Authority-Uganda (NITA-U) was established
as a statutory body under the National Information Technology Authority, Uganda
Act, 2009 as one of the key players in the Information and Communications
Technology Sector. Its mandated is to coordinate, promote and monitor IT
development within the context of national social and economic development,
with a vision as “a facilitator of a knowledge-based, globally competitive
Uganda where social transformation and economic development is supported
through IT enabled services.”
NITA-U:
The National Information Technology Authority-Uganda (NITA-U) was established
as a statutory body under the National Information Technology Authority, Uganda
Act, 2009 as one of the key players in the Information and Communications
Technology Sector. Its mandated is to coordinate, promote and monitor IT
development within the context of national social and economic development,
with a vision as “a facilitator of a knowledge-based, globally competitive
Uganda where social transformation and economic development is supported
through IT enabled services.”
Job Summary: The Manager will
possess the primary responsibility for a comprehensive security program that
includes information security policies, compliance, and governance.
Key
Duties and Responsibilities:
Duties and Responsibilities:
- Serves
as the subject matter expert in the development, implementation, and
maintenance of information related to all aspects of compliance. - Partners
with internal teams to manage control oversight, testing, gap analysis,
remediation tracking, compliance documentation and evidence collection. - Identify
opportunities and develops tactical and strategic solutions for enterprise
service delivery to meet regulatory compliance requirements in a holistic
manner. - Complete
risk assessments and perform in-depth analysis of mitigating controls and
financial risk, and documenting the risk. - Provide
expert advice, ensuring compliance, and conformance, on information risk
analysis/management. - Develop,
implement and enforce suitable and relevant information security policies,
ensuring that these are compliant with legislations and regulations
related to information security; reviewing policies on a regular basis. - Develop
and implement, together with suitable materials, an information security
awareness and training programme. - Contribute
to Business Continuity planning, training and processes. - Investigate
suspected and actual breaches of security and undertake reporting/remedial
action as required. - Maintain
a log of any incidents and remedial recommendations and actions. - Continuously
assess the shortfall between both actual security measures in place and
being effective and those established at a policy level thus highlighting
deficiencies for remedial action. - Establish
and maintain a register of data owners for sets of information (e.g. paper
files, databases) and educate the data owners on their responsibilities
(what is the data, how is it used, who has access to it). - Maintain
Risk, Issue and Change registers for information security. - Offer
advice and take action, where necessary, in response to Audit findings and
recommendations in respect of information security. - Develop
and implement a corporate culture of compliance and information security.
Qualifications,
Skills and Experience:
Skills and Experience:
- The
applicant should possess a Bachelor’s degree in Computer Science,
Information Technology, Information Science, Information Systems information
Security or a related field from a recognized university - A
Certified Information Systems Security Professional (CISSP) or Certified
Information Security Manager (CISM) or Certified Information Security
Auditor (CISA) credential is an added advantage - A
post graduate in a relevant field will be an added advantage. - The
applicant should possess at least three years’ experience in regulatory
compliance oversight or information risk management. - Networking
and Operating Systems certifications / credentials. - Wide
understanding of information security
knowledge and experience - Proficiency
working with recognized IT Security-related standards, technologies,
principles, and practices (including ISO17799/27001). - Significant
broad IT experience, at least some of which has been in a security role. - Thorough
understanding of security requirements of Sarbanes-Oxley, ISO Certifications
and Data Privacy laws. - Working
knowledge of applicable laws and the law enforcement community. - Project
management, collaboration, communication and organizational skills. - Ability
to work on own initiative as well as in a team;
Excellent business acumen; - Capacity
to establish credibility, and trust and partnership;
Analytical and problem –solving skills; - Excellent
interpersonal and communication and report writing skills; - Experience
with business continuity/disaster recovery planning and auditing.
Experience in the development and delivery of training material. - Experience
in Open Systems, Internet and network security products and platforms,
including intrusion detection/prevention, incident response and
investigation, vulnerability assessments, data loss prevention and
penetration testing
How
to Apply:
to Apply:
All suitably qualified and
interested candidates who meet the job requirements/specifications and with the
right personal attributes are invited to submit their application form (which
can be down loaded from the NITA-U official website www.nita.go.ug), with a
cover letter, curriculum vitae, and must specify day time telephone contact, postal
and email addresses of both the applicant and three referees, copies of
certificates and testimonials to the address below. Applicants must also submit
with their application verifiable evidence supporting previous relevant
appointments such as appointment letters and employment contracts.).
interested candidates who meet the job requirements/specifications and with the
right personal attributes are invited to submit their application form (which
can be down loaded from the NITA-U official website www.nita.go.ug), with a
cover letter, curriculum vitae, and must specify day time telephone contact, postal
and email addresses of both the applicant and three referees, copies of
certificates and testimonials to the address below. Applicants must also submit
with their application verifiable evidence supporting previous relevant
appointments such as appointment letters and employment contracts.).
NB:
No application will be accepted without a duly signed standard application
form.
No application will be accepted without a duly signed standard application
form.
The Executive Director,
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038
National Information Technology
Authority – UGANDA (NITA-U),
Palm Courts, Plot 7A, Rotary Avenue (former lugogo bypass)
P.O. Box 33151, Kampala-Uganda
Tel: 0417 801 038
Or via email: hr@nita.go.ug This e-mail
address is being protected from spambots. You need JavaScript enabled to view
it
Deadline:
14th October, 2013 by 5 PM
14th October, 2013 by 5 PM
For
More Ugandan Jobs, Please Visit https://www.theugandanjobline.com or
find us on our facebook page https://www.facebook.com/UgandanJobline