google.com, pub-8228024607803045, DIRECT, f08c47fec0942fa0
top of page

IT Security Risk Manager job at Exim Bank (Uganda) Limited

About the Organization

Exim Bank (Uganda), commonly known as Exim Bank, is a commercial bank in Uganda. It is one of the commercial banks licensed by the Bank of Uganda, the central bank and national banking regulator.

Job Description

Responsible for establishing and maintaining a bank-wide information security management program to ensure that information assets are adequately protected. He/she is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, aligns with and supports the enhancement of the Information Technology risk posture of the bank.

Online Typing

Duties and Responsibilities

  • Conducting vulnerability assessments to identify security weaknesses within the bank's technology environments. i.e., test and identify network and system vulnerabilities, identify risk tolerances, recommend treatment plans, and disseminate reports about residual risk.

  • Analysis of information protection technologies and processes including information databases and applications to identify technology security weaknesses and potential risks.

  • Conduct risk assessments of data processing systems to confirm the design of logical controls and ensure that they are effective and meet business practices and regulatory and legal requirements.

  • Regular risk reviews on Interface reconciliations to ensure that entries in CBS agree to interface/payment systems. i.e., regular spot checks.

  • Ensuring that audit trails, system logs, and other monitoring data sources are reviewed periodically and comply with IT policies and audit requirements.

  • Regular review of system user access rights and profiles including super user counts for all critical systems.

  • Regular risk reviews on cash deposit machines (CDMs), ATMs, and other delivery channels, including offsite ones.

  • Conducting data protection and privacy risk assessments in line with the Data Protection Act, regulations, and the bank’s policies.

  • Conducting vendors’/third parties’ risk-based reviews/assessments.

  • Provide oversight and guidance during security incidents and investigations, ensure root cause analysis is undertaken, and recommend suggested approaches to deal with lessons identified and ensure timely reporting/adequate participation in the investigation of IT security incidents.

  • In collaboration with the IT department, offer guidance/Subject Matter Expertise for future system enhancements in line with the bank’s overall strategy.

  • Create and manage information security and risk management awareness training programs for employees including all approved system users.

  • Identify, communicate, and manage current and emerging security threats with relevant stakeholders.

  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.

  • Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the bank on identifying acceptable levels of residual risk.

  • Work with various stakeholders to identify information asset owners to classify data and systems as part of the control framework implementation.

  • Independently assess, monitor and report on the bank’s back-up procedures and offer quality assurance on the bank’s overall Disaster Recovery Plan (DRP), including the tests thereof.Design, coordinate, and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.

  • Review the change management process ensuring that all changes in the system have corresponding approvals.

  • Ensure that security programs comply with relevant laws, regulations, and policies to minimize risk and audit findings.

Enroll for Tax Practitioners Course

Qualification, Experiences and Competencies

  • Proficient communication skills with the ability to present to all levels of audiences.

  • Good understanding of IT networking and access management concepts.

  • Ability to maintain a high degree of professionalism with a high commitment to quality.

  • Ability to understand and assess technology systems and applications from both a technical and business function perspective.

  • Strong interpersonal skills, supervisory and managerial skills to lead and encourage a team.

  • A high degree of confidentiality, dependability, and initiative.

ACADEMIC AND PROFESSIONAL REQUIREMENTS.

  • A bachelor's degree in information systems, computer science, or a related field.

  • Possession of additional certifications like Certified Information Systems Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), etc.

  • Minimum 6 Years experience, 2 must be in a supervisory role specifically in Information security.

How to Apply

APPLICATION FOR THIS POSITION MUST BE DONE ONLINE:
Kindly send your cover letter and up-to-date CV to hr@eximbank-ug.com with the subject: JOB APPLICATION: INFORMATION SECURITY MANAGER by close of business,

Typing jobs
Get a Professional CV Customized to the Job you want to Apply for
Related Job Postings
Finance Trust Bank
Enterprise Systems Administrator job at Finance Trust Bank
brief case.png
31 Aug 2024
Bookshop Attendant job at – World Trumpet Mission (WTM)
brief case.png
19 Aug 2024
Makerere University School of Public Health
Data Systems and Health Informatics Officer Jobs – Makerere University School of Public Health (MakSPH)
brief case.png
23 Aug 2024
Bookshop Attendant job at – World Trumpet Mission (WTM)
brief case.png
19 Aug 2024
Makerere University School of Public Health
Data Systems and Health Informatics Officer Jobs – Makerere University School of Public Health (MakSPH)
brief case.png
23 Aug 2024
Typing jobs
Share this Job:
0
bottom of page