Job Title: Head of Secretariat Organisation: Danish International Development Assistance…
Assistant Manager – Information Security Employment Opportunity – Deposit Protection Fund of Uganda (DPF)
Job Title: Assistant Manager – Information
Security
Organization: Deposit
Protection Fund of Uganda (DPF)
Duty Station: Kampala, Uganda
Reports to: Head
Information Technology
About US:
The Deposit Protection Fund of Uganda (DPF) is a Ugandan
government agency that provides deposit insurance to depositors in Ugandan
Banks, Credit Institutions and Microfinance Deposit-taking Institutions (MDIs).
Job Summary: The Assistant Manager – Information Security
drives the IT security strategy and implementation whilst protecting the Fund
from security threats and cyber-attacks. Accordingly, a key element of the
Manager’s role is working with Management to determine acceptable levels of
risk for the Fund. He or she also ensures IT operational compliance to ISO and
other relevant standards.
Key Duties and Responsibilities:
·
Develop, implement and monitor a strategic,
comprehensive enterprise information security and IT risk management program.
·
Work directly with the business units to
facilitate risk assessment and risk management processes.
·
Develop and enhance an information security
management framework.
·
Understand and interact with related disciplines
through committees to ensure the consistent application of policies and
standards across all technology projects, systems and services.
·
Partner with the Fund’s stakeholders to raise
awareness of risk management concerns.
·
Assist with the overall business technology
planning, providing a current knowledge and future vision of technology and
systems.
·
Develop professionally written policy and
procedure proposals that clearly articulate the Fund’s value proposition.
·
Effectively communicates expectations and
responsibilities to all staff, Board of Directors and stakeholders.
·
Actively listens and addresses IT information
security issues and concerns promptly.
·
Provide regular updates on the status of the
Information Security to Management.
·
Oversees information security awareness training
programs for all approved systems users.
·
Coordinates information security and risk
management with other business units
·
Develops, maintains, and ensures adherence to
policies and procedures related to IT security/privacy.
·
Ensures continued compliance of the Information
Security Program with applicable laws and regulations.
·
Develops and reviews security policies and
standards.
·
Conducts information security risk assessments
and develops actionable plans to protect the Fund.
·
Oversees the dissemination of cybersecurity
policies, standards, best practices and education to technical personnel with
privileged access.
·
Oversees security operations center activities
and ensures prevention and detection mechanisms and practices remain current
with cyber threats.
·
Manages major incident containment,
investigation, communication and reporting activities.
·
Reviews and updates security team member roles
and responsibilities.
·
Establishes goals, objectives, priorities and
performance expectations for the Information Security Office, security teams
and security team members.
·
Aligns system-level objectives with
organizational strategic plans.
·
Develops operating budget and capital requests.
·
Monitors financial performance and adjusts
resources to maximize profitability while maintaining exceptional quality and
service.
·
Continuously monitors and assesses the
effectiveness of the Fund’s Information Security Program, and initiates,
develops, and implements tactical and strategic changes in response to changes
strategies, operations and the information security threat landscape.
·
Oversee the overall security architecture,
strategy, and necessary budget.
·
Oversee cyber incident response planning.
·
Review investigations after breaches or
incidents, including impact analysis and recommendations for avoiding similar
vulnerabilities.
·
Conducts research and provide updates on
industry trends, standards and practices.
·
Creates, communicate and implements a risk-based
process for vendor risk management.
·
Maintain a current understanding of the cyber
threat landscape.
·
Constantly updates the cybersecurity defense
technologies to leverage new technology and threat information.
·
Performs other work-related duties as assigned,
within your scope of practice.
Key Results:
·
IT configuration documents and status reports.
·
Periodic training needs assessments and quality
reviews.
·
Test Plans for business applications, testing
schedules and reports.
·
Service Call updates, IT system incidents,
applications and database status reports.
·
Technical documentation of IT Policies, Current
Practices (MCPs), Standard Operating Procedures (SOPs) and Technical feature
specifications for new systems.
·
Presentations to the Executive Management and/or
the Board of Directors.
Qualifications, Skills and Experience:
·
The ideal candidate for the Deposit Protection Fund
of Uganda (DPF) Assistant Manager – Information Security job placement must
hold a first-class or upper second-class bachelor’s degree in computer science,
information systems management or related field, from an accredited
institution, is essential.
·
Professional IT security management
certification in one or more of the following professional certifications:
CISCO, CISSP, CISM, CGEIT, SANS/GIAC is essential.
·
5+ years of experience in a combination IT
information security or related field is essential.
·
A Master’s degree in a relevant field is
desired.
·
Knowledge of common information security
management frameworks, such as ISO/IEC 27001, and NIST is desired.
·
Experience with contract and vendor negotiations
and management including managed services is desired.
·
Specific experience in Agile (scaled) software
development or other best in class development practices is desired.
·
Experience with cloud computing or elastic
computing across virtualized environments is desired.
Competencies:
Technical Competencies
·
Previous IT information security experience.
·
Experience in IT project management.
·
Risk Assessment experience.
·
Technical knowledge of different types of
networking, applications and operating systems.
·
HIPAA and PCI DSS regulatory compliance
knowledge.
·
Excellent verbal and written communication
skills.
Behavioral Competencies
·
Accountability and Dependability: Takes personal
responsibility for the quality and timeliness of work and achieves results with
little oversight.
·
Transparency and Integrity: Earns others’ trust
and respect through consistent honesty and professionalism in all interactions.
·
Team spirit and collaboration: Promotes
cooperation and commitment within the team to achieve the Fund’s organizational
goals and deliverables. Builds constructive working relationships characterized
by a high level of acceptance, cooperation, and mutual respect
·
Adaptability and Flexibility: Adapts to changing
needs, conditions, and work responsibilities.
·
Self-Management and thoroughness: effectively
manage own time, priorities, and resources to achieve goals. Ensures that work
is complete and accurate and independently follows up with others to ensure
that agreements and commitments have been fulfilled.
·
Communication: Shares and receives information
using clear oral, written and interpersonal communication skills.
·
Stress Tolerance and tact: Maintains composure
in highly stressful or adverse situations, diplomatically handles challenging
or tense interpersonal situations.
·
Employee Engagement and enthusiasm: Demonstrates
commitment to the job, colleagues, the Fund and its mission by acting in ways
that further the accomplishment of its goals.
·
People Management: Leads and engages people to
maximize organizational and individual performance through alignment with the
Fund’s mission and attainment of strategic and operational goals.
·
Coaching and Mentoring: Enables co-workers to
grow and succeed through feedback, instruction, and encouragement. Influences
others to be excited and committed to furthering the Fund’s objectives. ability
to gain other’s support for ideas, proposals, and solutions.
How to Apply:
All suitably qualified and interested candidates are
encouraged to apply online at the link below.
Deadline: 30th
January 2020 by 5:00pm
For more of the latest jobs, please visit https://www.theugandanjobline.com or
find us on our facebook page https://www.facebook.com/UgandanJobline