Senior ICT Risk Analyst Jobs – Pride Microfinance

  Banking Jobs in Uganda, Information Technology (IT) and Data Jobs in Uganda

Job Title:  Senior ICT Risk Analyst    

Organisation: Pride Microfinance Limited (MDI)

Duty Station:  Kampala, Uganda

 

About the Company:

Pride Microfinance Limited (MDI) is a Microfinance Deposit- taking Institution regulated and supervised by Bank of Uganda (BoU) under the MDI Act, 2003 and MDI Regulations, 2004 with a capital base of Ugx. 168.6 billion. Pride’s purpose is transforming lives responsibly. Pride offers innovative financial solutions to largely people at the base of the economic pyramid and serves its customers through 42 networked branches and 5 contact offices spread across the country and implements sustainability sound practices throughout its business operations to create a positive impact through three sustainability pillars; economic, environment, and social as well as contributing to the Sustainability Development Goals (SDGs) and their investable sub-goals that relate to microfinance activities.

 

Job Summary:   The Senior Risk Analyst will report to the Head of Risk and will be based at Head Office. He/ she will be responsible for the evaluation of complex risks to Pride’s information systems, define appropriate security behaviors and practices and monitor adherences to the set standards to meet Management expectations and to adhere to regulatory, legal and partner requirements.

 

Key Duties and Responsibilities:   Specific responsibilities include:

  • Create and manage an Institution wide map (cartography) of the storage areas and flows of sensitive data in view of appropriately securing them in line with relevant policies.
  • Create the appropriate security framework around every business project to ensure the appropriate and successful implementation of business initiatives and to reduce risk exposure based on risk appetite.
  • Identify and evaluate threats to the Institution’s information assets and their mitigating controls while considering the current risk appetites to reduce the impact and probability of occurrences of threats applicable to the organization at an acceptable level.
  • Implement and execute an awareness program that considers all requirements, expectations and prevailing threats to ensure that all system users are aware of appropriate security behaviors.
  • Manage, test, improve and maintain an incident response plan for each relevant security event and coordinate the appropriate response in the event of an incident to enhance the Institution’s ability to recover from these events, should they occur.
  • Perform the analysis of all security issues, reported, discovered or otherwise to define and incorporate lessons learnt to enhance the Business Units capabilities to proactively protect the information assets of the organization.
  • Perform the analysis of all security issues, reported, discovered or otherwise to define and incorporate lessons learnt to enhance the Business Units capabilities to proactively protect the information assets of the organization.
  • Propose mitigating solutions, follow-up on remediation plans and regularly report on the Institution’s risk stance and progress made to reduce the risks levels to an acceptable threshold.
  • Provide advices and follow up on the implementation of associated security control through participating in the implementation of business projects and initiatives to reduce risk exposure of customers’ information based on the risk appetite.
  • Support the institution in identifying security flaws by conducting authorized, controlled “attacks” on the IT environment in addition to coming up with recommendations for fixing these vulnerabilities before malicious actors can exploit them.
  • Assist in conducting effective risk assessments to assess all new IT systems or Processes, clearly identifying the risks and issues and the controls and measures required to mitigate those risks / issues
  • Conduct IT Security Controls Snap checks (CSA) and monitor IT Security activities e.g. application & system controls, physical and logical access security controls, review of disaster recovery and back-up procedures, media storage.
  • Follow-up on any IT Security gaps identified and put in place effective measures to safeguard the Institution’s IT resources, information and reputation.
  • Monitor, update and maintain all the systems and related initiatives/activities which include the Enterprise Risk Management MIS, performing User Administration for key information security tools/ systems within the department and implementing system changes in the department where applicable as may be authorized by Business Technology





Qualifications, Skills and Experience:

  • A bachelor’s degree in information technology/ computer science/ computer engineering or related field.
  • The desired candidate should have at least 4 years’ experience in IT with at least 2 years in ICT Security Risk Management.
  • Professional Qualification in Enterprise Risk Management, ISO Standards, CISA will be an added advantage.
  • He/she should not be more than 35 years of age.

 

How to Apply:
If you believe you have the necessary skills and experience and desire to make a difference, then apply immediately and send a detailed CV, Interested candidates should forward their applications to the HEAD PEOPLE & CULTURE, at the address below, or on email: recruitment@pridemicrofinance.co.ug

 

Deadline:  1st November 2024

 

For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline

 

Date Posted 2024-10-29T07:53
Valid Through 2024-11-02T00:00
Employment Type FULL_TIME
Hiring Organization Pride Microfinance Limited
Job Location Kampala, Kampala, Kampala , 0256, Uganda

Related Jobs

, ,