IT Risk Officer – BANK OF AFRICA – UGANDA Ltd

BANK OF AFRICA –
UGANDA Ltd.
is part of GROUPE BANK OF AFRICA (BOA) comprising fifteen
commercial banks, three leasing companies, two life-insurance companies, two
investment companies, a stock brokerage company and an ICT subsidiary. It spans
14 African countries namely Uganda, Kenya, Tanzania. Benin. Burkina Faso, Cote
D’lvoire, Madagascar, Mali, Niger, Senegal, Burundi, Ghana, Djibouti, DR Congo
as well as representative office in France. BOA employs over 4,000 people and
believes in transparency, expertise, proximity and responsibility. BOA – UGANDA
is seeking applications from suitably qualified persons who are accomplished to
take up the following position.


IT Risk Officer
Location: Head Office
Reporting to: Head of Risk
and Compliance
Grade: Manager Level, BG5


Overall
role:
The role
holder will partner with various stakeholders of the business to assess
relevant IT and IS systems whilst adopting a risk based approach. To provide IT
expertise with regards to Information Security and other IT-related business
processes and oversee the ongoing management of information security policies,
procedures, and technical systems in order to maintain the confidentiality, integrity,
and availability of all of the Bank’s information systems. To ensure that the
access control, disaster recovery, business continuity, incident response, and
risk management needs of the Bank are properly addressed; and to measure,
analyze, monitor and control the Bank’s risk exposures.
Key
Responsibilities:

1. Prepare, implement and review the Bank’s IT security policy,
procedures, controls and standards for both existing and new applications;
2. Ensure reviews are conducted to ensure that all systems have effective,
quality IT security documentation in place, including: Qualitative risk
assessments; Current and effective IT security plans; Annual system
self-assessments; Current and tested contingency plans; and Current
certification and accreditation.
3. Conduct self-assessments of the Bank’s IT Security Program to ensure the
Bank’s effective implementation of and compliance with established policies and
procedures;
4. Address/correct any weakness identified during assessments and audit exercises;
5. Monitor business systems through adequate audit logging, scanning, and
monitoring processes;
6. Establish and implement a process to ensure that all users receive periodic
IT security awareness briefings and copies of rules of behavior, are trained to
fulfill their IT security responsibilities, and understand the consequences of
non-compliance;
7. Monitor, document and ensure resolution of all incidents, implement incident
handling and escalation procedures, and report all incidents to the Head of
Risk and Compliance;
8. Ensure mat IT security is addressed in the development and acquisition
process of information systems and security related products and services;
9. Monitor and enforce internal risk policies (e.g., credit , market risk,
operational risk policy);
10. Report violations of risk policy with a proposal of appropriate measures;
11. Assist the business/support units to manage and implement risk management
mechanisms;
12. Monitor developments in risk management approaches in the industry, assess
viability and recommend actions for implementation;
13. Monitor targets/Key Performance Indicators (KPIs) across functions; and
14 Perform any other duties that may be assigned from time to time by the Head
of Risk and Compliance.
Knowledge,
Skills and Experience
  • Bachelors Degree ICT, Computer Science or a related field
  • CISA and other related Certified / Professional qualification in ICT an added
    advantage
  • 3 years’ experience with exposure to reviewing and advancing IT Security in a
    bank environment
  • Experience in assessing technology risk
How
to apply:
Applicants should
send job applications, up-to dale curriculum vitae and copies of academic
certificates through courier or hand delivery to the address below by 18th June 2012. Your application should
include three references, none of whom should be your relative and all of whom
should have supervised you, taught you or known you through your work. Only
short listed applicants will be contacted. If you do not hear from us by 30th June 2012 please
consider your application as unsuccessful.
THE MANAGING DIRECTOR BANK OF AFRICA – UGANDA Ltd Plot 45 Jinja Road P.O. Box
2750, Kampala

Leave a Reply

Your email address will not be published. Required fields are marked *