PURPOSE OF THE ROLE
To plan, manage and coordinate BRAC Uganda Bank’s Information Security programs to ensure Confidentiality, Integrity & Availability of the Bank’s information Technology assets. The role will also manage the IT service continuity process by coordinating and supporting Business Continuity Management (BCM) and Disaster Recovery (DR) as well as Work Area Recovery (WAR) processes.
MAIN JOB RESPONSIBILITIES
To design, implement and maintain a continually updated comprehensive IT security architecture.
To design and implement security controls by managing the assessm of IT progra against the policies and information security standards
To lead the enforcement and maintanance of policies, procedures, measures and mechanisms to protect the confidentiality, integrity, and availability of information at BRAC Uganda Bank and deliver improved information security governance, risk and compliance.
Ensure information security is well coordinated in IT projects and innovations development life cycle.
Ensure compliance with all information security regulatory policies, guidelines and standards and provide regular communication of governance requirements to stakeholders.
Devise and implement an effective plan to deliver a satisfactory risk and audit profile for information security and achieve audit and assurance targets.
Develop and implement information security and disaster discovery programs in accordance with approved information security standards
Review the Business Continuity Management (BCM) plan prepared for all technology processes for adequacy and ensure required tests of the plan are executed and all test failures addressed
Track and periodically report on the compliance of security controls and ensure timely remediation of lapses.
Coordinate with relevant stakeholders to review risk and compliance of all mission critical Information technology programs and implement measures to address notable risks and regulatory
concerts
Periodically avail relevant information security management assurance reports and attestations
Coordinate periodic review & development of detailed Risk and Control Assessments for the department
Ensure that processes, control requirements and risk management frameworks that impact mission critical IT assets are documented and understood by all relevant stakeholders.
Manage any third parties & vendors involved in information security programs. Ensure compliance with BUBL’s BCM framework by all vendors ement operations and governance relating
to systems, infrastructure, and user identity lifecycle management Coordinate periodic evaluations of systems to ensure that appropriate controls and access levels are maintained.
Manage cyber incident response & containment plans.
REQUIRED QUALIFICATIONS AND SKILLS
• A bachelor’s degree in computer science, Cyber security or related field.
• Professional training in areas such as Cyber operations and certifications such as Certified Ethical Harker (CEH), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), or Certified Information Systems Security Professional (CISSP) are an added advantage.
• At least three years and above experience in a busy Information security domain.
• Solid experience in cyber security controls and incident handling
KNOWLEDGE, SKILLS &COMPETENCES
• Information Security program design, governance, risk & compliance
• Ability to communicate security-related concepts to a broad range of
• technical and non-technical sta
• Strong knowledge of banking regulations/guidelines relating to cyber security and technology risk management.
• Strong work ethic to adhere to timelines, leadership, interpersonal and analytical skills.
• In-depth knowledge and experience in the following information security areas:
• Vulnerability scanning and penetration testing
• Enterprise-scale network, data center and host-based IDS architecture
• Secure messaging architecture.
• Secure omnichannel systems architecture.
Interested candidates should email their application letter, Curriculum Vitae, and copies of relevant academic documents, IN PDF FILE mentioning the job as the ct matter NOT later than Tuesday 17 September, 2024. Applications should be addressed to the Head Human Resource BRAC Uganda Bank Ltd.
Note: Only shortlisted candidates will be contacted.