Director Information Security Employment Opportunity – National Information Technology Authority-Uganda (NITA-U)

Organisation: National
Information Technology Authority-Uganda (NITA-U)
Duty Station: Kampala,
Reports to: Executive
Ref: NITA/FA/003
About US:
The National
Information Technology Authority-Uganda (NITA-U) was established as a statutory
body under the National Information Technology Authority, Uganda Act, 2009 as
one of the key players in the Information and Communications Technology Sector.
Its mandated is to coordinate, promote and monitor IT development within the
context of national social and economic development, with a vision as “a
facilitator of a knowledge-based, globally competitive Uganda where social
transformation and economic development is supported through IT enabled
Job Summary:  The Director Information Security will act as
the focal point and responsible for nationwide planning, development,
coordination, management, continuous monitoring and assurance of National
Information Security in conjunction with relevant directorates and agencies.
Key Duties and Responsibilities: 
Oversee the preparation and implementation of the
directorate’s operational plan and budgets
Develop the National Information Security Strategy
Carry out quarterly assessments of IT security risks
in MDAs /LGs (including security risks of new technology and applications) and
communicate these assessments to the Top Management of the MDs / LGs
Develop, implement and manage a living National
Information Security Risk Register which will timely advise Government on what
mitigation programmes should be implemented to reduce residual risks to
acceptable levels.
Develop and implement an information security
program for MDAs / LGs, in conformance with relevant National and International
Security standards.
The incumbent will develop, maintain and promote a
consistent set of recommended standards for information security in MDAs / LGs,
together with the appropriate guidelines procedures
Ensure the implementation of the prescribed
standards and controls. Ensure that they are reviewed and audited in line with
International Information Security standards and that deficiencies are
identified and responded to
Ensure that the MDAs / LGs comply with appropriate
International Information security standards, guidelines and procedures
Oversee and take ownership of Information Security
Certification Process for MDAs / LGs.
Coordinate the development and testing of the
required Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) for
all the critical IT systems and applications that have been identified in MDAs
/ LGs.
Provide consultancy in respect of information
security and contribute to security reviews of information systems and investigations
of security incidents.
Act as Uganda Government Virus focal point in
respect of anti-virus measures, response procedures and incident
investigations. Plan and implement contingency measures to minimise disruption;
assist with developing fall-back plans and procedures.
Ensure the establishment and management of the
National Computer Emergency Response Team (CERT).
Make sure that the Implementation of Public Key
In charge of the establishment and management of the
National Computer Forensic team.
Significantly contribute to reviews of new security
technology in MDAs / LGs.
Oversee the creation of the National Information
Security Forum and its operations
Work in liaison with all National Information
Security personnel and teams in MDAs / LGs.
Guide on Research and Development in the field of Information
Security in Uganda.
Conduct and coordinate specialized ICT forensic
audits to establish the root causes of Information Security incidents to
determine extent of information security breaches to mitigate re-occurrence
Represent NITA-U in all regional and international
information security forums
Perform any other duties which may be assigned from
time to time
Qualifications, Skills and
The applicant should hold a Master’s degree in
Information Technology or related discipline from a recognized/reputable
academic institution; Possession of a PhD in relevant fields is an added
Relevant Information Security accreditation from
recognized professional bodies/associations e.g. CISSP, CISM, Certified
Information Systems Auditor (CISA)
A minimum of ten years’ experience in management of
infrastructure services with a reputable organization of which six years should
have been at senior management level
Five years’ experience in management of Information
security at senior level.
Previous exposure and experience in developing and
implementing information security compliance programmes in large organisations
is an added advantage
Prior experience in development of information security
guidelines and procedures is an added advantage.
How to Apply:
All candidates
who meet the job requirements/specifications and with the right personal
attributes are invited to complete and submit their application form, download
,  with a cover letter,
supported by curriculum vitae, copies of certificates and testimonials, and
must specify day time telephone contact, postal and email addresses of both the
applicant and three referees, to the address below.
The Executive
Information Technology
Authority –
Palm Courts,
Plot 7A, Rotary Avenue (Former Lugogo Bypass)
P.O. Box 33151,
Or via email:
(application must not exceed 10MBs)
Applicants must
also submit with their application verifiable evidence supporting previous
relevant appointments such as appointment letters and employment contracts.
Deadline: 17th December, 2015
(Not later than 17.00 hrs. Local Time).
NB: No application will be accepted without a duly
completed and signed standard application form (refer to above).
For more of the
latest jobs, please visit
or find us on our facebook page


Leave a Reply

Your email address will not be published.