IT Security Manager

Organisation: BRAC Uganda Bank Ltd

Duty Station:  Kampala, Uganda

Reports to: Head of Information Technology

 

About the Company:

BRAC Uganda Bank Ltd launched on 25 April 2019 and attained its current status as a Tier II Credit institution following a successful background as the leading Microfinances services provider in Uganda. The bank operates 32 regulated branches and 131 satellite offices covering 84 districts in Uganda targeting Micro, Small. and Medium Entrepreneurs. BRAC Uganda Bank Ltd promotes financial inclusion by extending financial services to unserved and underserved populations especially women and youth as well as people living in poverty in rural areas. The Bank is operationally and financially self-sustaining with over 231,000 active customers and a loan book in excess of Ushs.175 billion.

 

Job Summary: To plan, manage and coordinate BRAC Uganda Bank’s Information Security programs to ensure Confidentiality, Integrity & Availability of the Bank’s information Technology assets. The role will also manage the IT service continuity process by coordinating and supporting Business Continuity Management (BCM) and Disaster Recovery (DR) as well as Work Area Recovery (WAR) processes.

 

Key Duties and Responsibilities:

  • To design, implement and maintain a continually updated comprehensive IT security architecture.
  • To design and implement security controls by managing the assessment of IT programs against the policies and information security standards.
  • To lead the enforcement and maintenance of policies, procedures. measures and mechanisms to protect the confidentiality, integrity, and availability of information at BRAG Uganda Bank and deliver improved information security governance, risk and compliance.
  • Ensure information security is well coordinated in IT projects and innovations development life cycle.
  • Ensure compliance with all information security regulatory policies, guidelines and standards and provide regular communication of governance requirements to stakeholders.
  • Devise and implement an effective plan to deliver a satisfactory risk and audit profile for information security and achieve audit and assurance targets.
  • Develop and implement information security and disaster discovery programs in accordance with approved information security standards
  • Review the Business Continuity Management (BCM) plan prepared for all technology processes for adequacy and ensure required tests of the plan are executed and all test failures addressed.
  • Track and periodically report on the compliance of security controls and ensure timely remediation of lapses.
  • Coordinate with relevant stakeholders to review risk and compliance of all mission critical Information technology programs and implement measures to address notable risks and regulatory concerns.
  • Periodically avail relevant information security management assurance reports and attestations.
  • Coordinate periodic review & development of detailed Risk and Control Assessments for the department.
  • Ensure that processes, control requirements and risk management frameworks that impact mission critical IT assets are documented and understood by all relevant stakeholders.
  • Manage any third parties & vendors involved in information security programs. Ensure compliance with BUBL’s BCM framework by all vendors.
  • Manage Access Management operations and governance relating to systems. infrastructure. and user identity lifecycle management. Coordinate periodic evaluations of systems to ensure that appropriate controls and access levels are maintained.
  • Manage cyber incident response & containment plans.

 

Qualifications, Skills and Experience:

  • A bachelor’s degree in computer science. Cyber security or related field.
  • Professional training in areas such as Cyber operations and certifications such as Certified Ethical Harker (CEI-1), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), or Certified Information Systems Security Professional (CISSP) are an added advantage.
  • At least three years and above experience in a busy Information security domain.
  • Solid experience in cyber security controls and incident handling.

Knowledge, Skills &Competences

  • Information Security program design, governance, risk & compliance.
  • Ability to communicate security-related concepts to a broad range of technical and non-technical staff.
  • Strong knowledge of banking regulations / guidelines relating to cyber security and technology risk management.
  • Strong work ethic to adhere to timelines, leadership, interpersonal and analytical skills.
  • In-depth knowledge and experience in the following information security areas:
  • Vulnerability scanning and penetration testing
  • Enterprise-scale network, data center and host-based IDS architecture.
  • Secure messaging architecture.
  • Secure omnichannel systems architecture.

 

How to Apply:

All interested candidates should email their application letter, Curriculum Vitae, and copies of relevant academic documents, IN PDF FILE mentioning the job title as the subject matter to [email protected] All applications should be addressed to the Head Human Resource BRAC Uganda Bank Ltd

 

Deadline: 17th September 2024

 

Note: Only shortlisted candidates will be contacted.

Subscribe to our socials and stay tuned to the latest jobs