_edited.png){kind=small}
Share this Job:
IT Security Risk Manager job at Exim Bank (Uganda) Limited | Apply Now
Are you looking for Information Technology Jobs in Uganda 2024? If yes, then you might be interested in IT Security Risk Manager job at Exim Bank (Uganda) Limited
Kampala, Uganda
Full-time
Deadline:
August 16, 2024 at 2:00:00 PM
About the Organisation
Exim Bank (Uganda), commonly known as Exim Bank, is a commercial bank in Uganda. It is one of the commercial banks licensed by the Bank of Uganda, the central bank and national banking regulator.
.png)
Job Title
IT Security Risk Manager job at Exim Bank (Uganda) Limited
Job Description
Responsible for establishing and maintaining a bank-wide information security management program to ensure that information assets are adequately protected. He/she is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, aligns with and supports the enhancement of the Information Technology risk posture of the bank.
Duties and Responsibilities
Conducting vulnerability assessments to identify security weaknesses within the bank's technology environments. i.e., test and identify network and system vulnerabilities, identify risk tolerances, recommend treatment plans, and disseminate reports about residual risk.
Analysis of information protection technologies and processes including information databases and applications to identify technology security weaknesses and potential risks.
Conduct risk assessments of data processing systems to confirm the design of logical controls and ensure that they are effective and meet business practices and regulatory and legal requirements.
Regular risk reviews on Interface reconciliations to ensure that entries in CBS agree to interface/payment systems. i.e., regular spot checks.
Ensuring that audit trails, system logs, and other monitoring data sources are reviewed periodically and comply with IT policies and audit requirements.
Regular review of system user access rights and profiles including super user counts for all critical systems.
Regular risk reviews on cash deposit machines (CDMs), ATMs, and other delivery channels, including offsite ones.
Conducting data protection and privacy risk assessments in line with the Data Protection Act, regulations, and the bank’s policies.
Conducting vendors’/third parties’ risk-based reviews/assessments.
Provide oversight and guidance during security incidents and investigations, ensure root cause analysis is undertaken, and recommend suggested approaches to deal with lessons identified and ensure timely reporting/adequate participation in the investigation of IT security incidents.
In collaboration with the IT department, offer guidance/Subject Matter Expertise for future system enhancements in line with the bank’s overall strategy.
Create and manage information security and risk management awareness training programs for employees including all approved system users.
Identify, communicate, and manage current and emerging security threats with relevant stakeholders.
Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the bank on identifying acceptable levels of residual risk.
Work with various stakeholders to identify information asset owners to classify data and systems as part of the control framework implementation.
Independently assess, monitor and report on the bank’s back-up procedures and offer quality assurance on the bank’s overall Disaster Recovery Plan (DRP), including the tests thereof.Design, coordinate, and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.
Review the change management process ensuring that all changes in the system have corresponding approvals.
Ensure that security programs comply with relevant laws, regulations, and policies to minimize risk and audit findings.
.png)
Qualifications and Competencies
Proficient communication skills with the ability to present to all levels of audiences.
Good understanding of IT networking and access management concepts.
Ability to maintain a high degree of professionalism with a high commitment to quality.
Ability to understand and assess technology systems and applications from both a technical and business function perspective.
Strong interpersonal skills, supervisory and managerial skills to lead and encourage a team.
A high degree of confidentiality, dependability, and initiative.
ACADEMIC AND PROFESSIONAL REQUIREMENTS.
A bachelor's degree in information systems, computer science, or a related field.
Possession of additional certifications like Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), etc.
Minimum 6 Years experience, 2 must be in a supervisory role specifically in Information security.
How to Apply
APPLICATION FOR THIS POSITION MUST BE DONE ONLINE:
Kindly send your cover letter and up-to-date CV to hr@eximbank-ug.com with the subject: JOB APPLICATION: INFORMATION SECURITY MANAGER by close of business,
0
PRO CV WRITER
Increase your chances of getting hired with the perfect resume
Let us help you create a perfect CV and Cover Letter!
30% higher chance of getting a job
42% higher response rate from recruiter
Interview Pack @ shs. 5,000 only
Related Jobs
You may also Like!
.png)
