Job Title: Head, Information Security
Organisation: UGAFODE Microfinance Limited (MDI)
Duty Station: Kampala, Uganda
Ref: HR/STAFF/VAC – 19/03/2025/2
About Organisation:
UGAFODE Microfinance Limited (MDI) is a registered financial institution in Uganda and is adherent to the Central Bank’s regulations and guidelines and was founded in 1994 to provide quality microfinance services.
Job Summary: The role reports to the Chief Executive Officer and is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected within compliance and risk perspectives of the business/institution.
Key Duties and Responsibilities:
- Oversees the development, implementation and enforcement of Cyber and technology policy programs at UGAFODE.
- Ensuring that information systems meet the needs of the institution, and the ICT strategy, in particular information system development strategies, comply with the overall business strategies, risk appetite and ICT risk management policies of the institution.
- Ensures that UGAFODE maintains an up-to date enterprise-wide knowledge base of its users, devices, applications, software licenses and their relationships including but not limited to: Software and hardware asset inventory, Network maps (including boundaries, traffic and data flow) and network utilization & performance data.
- Designs cybersecurity controls with the consideration of users at all levels of the institution, including internal (management & staff), external users (contractors/consultants, business partners and service providers).
- Organizing professional cyber related trainings to improve technical proficiency of staff.
- Ensures that regular and comprehensive cyber risk assessments are conducted within the institution.
- Ensures adequate processes & tools are in place for monitoring IT systems to detect cyber and technology events and incidents in a timely manner.
- Conducts reviews associated with exceptions/deviations to the approved cyber and technology policies and procedures and gain senior management approval for risk assessments.
- Assessment of the confidentiality, integrity and availability of the information systems in the institution.
- Reporting as agreed on the assessment of the effectiveness of the approved cybersecurity program, all material cyber and technology events that affected the institution, e.t.c.
- Timely detection and action to identify compromises to the IT systems and controls and speedy rectification to avoid financial and operational losses.
- Ensuring that the institution’s cyber security controls and procedures are up-to-date to prevent breaches of the Institution’s systems by internal and external actors.
- Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the institution can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
- Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
Qualifications, Skills and Experience:
- Minimum of Bachelor’s degree in Computer Science, MIS or equivalent, and any IT certification (e.g. CISCO Certified Network Associate (CCNA) etc.
- At least 6 years’ experience with extensive knowledge of Information security within Banking environment including related statutory IT compliance regulations, IT and MIS banking policies & procedures, etc.
- Specialist security certifications such as GSEC (GIAC Security Essentials), CISSP (Certified Information Systems Security Professional) or related field is an added advantage
- Experience in leading teams.
- Analytical mind with the ability to quickly get to the root cause of issues.
- An overall understanding of relevant scripting and source code programming languages, such as C#, C++, .NET, Java, Perl, PHP, Python and others that are in use.
- Excellent report writing skills.
- Must have high degree of integrity and professionalism.
How to Apply:
If you believe you meet the requirements as stated above, submit an application letter together with an up-to-date CV to our email: [email protected]. Save the Documents as Your Full Name & indicate the job title you are applying for in the Email Subject Line. Your applications should be addressed to the Head of Human Resources
Deadline: 01st April 2025.
Note: UGAFODE provides equal opportunity in employment to all people and therefore, women are encouraged to apply
For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline