Job Title: IT Risk Officer
Employer: Bank of Africa – Uganda Ltd.
Duty Station: Kampala
Application Deadline: 20th January 2014
BOA UGANDA is seeking applications from qualified persons who are accomplished to take up the position of IT Risk Officer. The position will be reporting to the Head of Risk and will be responsible for the following:
Position Function:
Provide technical expertise with regards to Information Security and other ICT-related business processes, and oversee the on-going management of information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of all of the Bank’s information systems at all times.
Qualifications:
Bachelor’s degree in ICT, Computer Science or a related field
CISM or CISA and other related Professional Certification in ICT Risk Management
Professional project management certification is an added advantage
Minimum of 3 years’ experience with exposure to reviewing and advancing IT Security
Experience in risk management processes related to Business Impact Analysis, Business Continuity Planning, Disaster Recovery Planning, Change Management etc
Experience or qualifications in Oracle databases, networks and systems management and ICT projects and operations
Business acumen, planning and project management skills
Analytical skills
Strong communication and presentation skills
Interpersonal skills with ability to influence people across the Bank and teamwork skills
Initiative / self -drive, monitoring and follow up skills
Able to work in a fast-paced and results oriented environment
Key duties & Responsibilities:
Prepare, implement and review the Bank’s ICT security policy, procedures, controls and standards for both existing and new applications
Ensure reviews are conducted to ensure that all systems have effective, quality ICT security documentation in place, including: qualitative risk assessments; current and effective ICT security plans; annual system self-assessments; current and tested contingency plans; and current certification and accreditation
Conduct regular Business Impact Assessment, and derive Business Continuity Plans and a standing Disaster Recovery Plan for the Bank
Conduct self-assessments of the Bank’s ICT Security Program to ensure the Bank’s effective implementation of and compliance with established policies and procedures and best practices
Address/correct any weakness identified during assessments and audit exercises
Monitor business systems through adequate audit logging, scanning, and monitoring processes
Establish and implement a process to ensure that all users receive periodic ICT security awareness briefings and communicate rules of behavior, train staff to fulfill their ICT security responsibilities
Monitor, document and ensure resolution of all incidents, implement incident handling and escalation procedures, and report all incidents to the Head of Risk
Ensure that ICT security is addressed in the development and acquisition process of all Information Systems and Security Related products and services
Monitor and enforce internal risk policies related to ICT
Monitor and report any violations of ICT risk policy and proposal of appropriate response measures
Assist the business/support units to manage and implement ICT risk management mechanisms
Monitor developments in ICT risk management approaches in the industry, assess viability and recommend actions for implementation and improvement
Perform any other duties that may be assigned from time to time by the Head of Risk
How to Apply:
Apply to: Human Resources Manager
Email: boajobs@boauganda.com
Address: Plot 45, Jinja Road
![]()
Employer: Bank of Africa – Uganda Ltd.
Duty Station: Kampala
Application Deadline: 20th January 2014
BOA UGANDA is seeking applications from qualified persons who are accomplished to take up the position of IT Risk Officer. The position will be reporting to the Head of Risk and will be responsible for the following:
Position Function:
Provide technical expertise with regards to Information Security and other ICT-related business processes, and oversee the on-going management of information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of all of the Bank’s information systems at all times.
Qualifications:
Bachelor’s degree in ICT, Computer Science or a related field
CISM or CISA and other related Professional Certification in ICT Risk Management
Professional project management certification is an added advantage
Minimum of 3 years’ experience with exposure to reviewing and advancing IT Security
Experience in risk management processes related to Business Impact Analysis, Business Continuity Planning, Disaster Recovery Planning, Change Management etc
Experience or qualifications in Oracle databases, networks and systems management and ICT projects and operations
Business acumen, planning and project management skills
Analytical skills
Strong communication and presentation skills
Interpersonal skills with ability to influence people across the Bank and teamwork skills
Initiative / self -drive, monitoring and follow up skills
Able to work in a fast-paced and results oriented environment
Key duties & Responsibilities:
Prepare, implement and review the Bank’s ICT security policy, procedures, controls and standards for both existing and new applications
Ensure reviews are conducted to ensure that all systems have effective, quality ICT security documentation in place, including: qualitative risk assessments; current and effective ICT security plans; annual system self-assessments; current and tested contingency plans; and current certification and accreditation
Conduct regular Business Impact Assessment, and derive Business Continuity Plans and a standing Disaster Recovery Plan for the Bank
Conduct self-assessments of the Bank’s ICT Security Program to ensure the Bank’s effective implementation of and compliance with established policies and procedures and best practices
Address/correct any weakness identified during assessments and audit exercises
Monitor business systems through adequate audit logging, scanning, and monitoring processes
Establish and implement a process to ensure that all users receive periodic ICT security awareness briefings and communicate rules of behavior, train staff to fulfill their ICT security responsibilities
Monitor, document and ensure resolution of all incidents, implement incident handling and escalation procedures, and report all incidents to the Head of Risk
Ensure that ICT security is addressed in the development and acquisition process of all Information Systems and Security Related products and services
Monitor and enforce internal risk policies related to ICT
Monitor and report any violations of ICT risk policy and proposal of appropriate response measures
Assist the business/support units to manage and implement ICT risk management mechanisms
Monitor developments in ICT risk management approaches in the industry, assess viability and recommend actions for implementation and improvement
Perform any other duties that may be assigned from time to time by the Head of Risk
How to Apply:
Apply to: Human Resources Manager
Email: boajobs@boauganda.com
Address: Plot 45, Jinja Road