The Ugandan Jobline

• The
  IT Risk Officer will prepare, implement and review the Bank’s ICT security
  policy, procedures, controls and standards for both existing and new
  applications
• Ensure
  that all reviews are conducted to ensure that all systems have effective,
  quality ICT security documentation in place, including: qualitative risk
  assessments; current and effective ICT security plans; annual system
  self-assessments; current and tested contingency plans; and current
  certification and accreditation
• Carry
  out regular Business Impact Assessment, and derive Business Continuity
  Plans and a standing Disaster Recovery Plan for the Bank
• Conduct
  self-assessments of the Bank’s ICT Security Program to ensure the Bank’s
  effective implementation of and compliance with established policies and
  procedures and best practices
• Address/correct
  any weakness identified during assessments and audit exercises
• Actively
  monitor business systems through adequate audit logging, scanning, and
  monitoring processes
• Establish
  and implement a process to ensure that all users receive periodic ICT
  security awareness briefings and communicate rules of behavior, train
  staff to fulfill their ICT security responsibilities
• Monitor,
  document and ensure resolution of all incidents, implement incident
  handling and escalation procedures, and report all incidents to the Head
  of Risk
• Ensure
  that ICT security is addressed in the development and acquisition process
  of all Information Systems and Security Related products and services
• Monitor
  and enforce internal risk policies related to ICT
• Actively
  monitor and report any violations of ICT risk policy and proposal of
  appropriate response measures
• Assist
  the business/support units to manage and implement ICT risk management
  mechanisms
• Monitor
  developments in ICT risk management approaches in the industry, assess
  viability and recommend actions for implementation and improvement
• Perform
  any other duties that may be assigned from time to time by the Head of
  Risk

• The
  Bank’s IT Risk Officer should hold a Bachelor’s degree in ICT, Computer
  Science or a related field
• CISM,
  CISA or CISSP and other related Professional Certification in ICT Risk
  Management is desirable
• Project
  management certification is an added advantage
• At
  least three years’ experience in ICT operations or IT security related
  work
• Good
  grasp and exposure to risk management processes including Business Impact
  Analysis, Business Continuity Planning,
• Disaster
  Recovery Planning, ICT Change Management etc
• Past
  experience or qualifications in Oracle databases, networks and systems
  administration, ICT projects and related operations
• Business
  acumen, planning and project management skills
• Excellent
  analytical skills
• Strong
  communication and presentation skills
• Excellent
  interpersonal skills with ability to influence people across the Bank and
  teamwork skills
• Initiative
  / self -drive, monitoring and follow up skills
• Ability
  to work in a fast-paced and results oriented environment

• Applications
  received after the deadline will not be accepted
• All
  applicants who do not meet all the above requirements will not be
  considered
• Only
  selected candidates will be contacted within two weeks from the deadline
• Canvassing
  or non-disclosure of relations with current BOA staff when requested will
  lead to automatic disqualification

Related Jobs