Assistant Manager – Information Security Employment Opportunity – Deposit Protection Fund of Uganda (DPF)

by

Assistant Manager – Information Security Employment Opportunity – Deposit Protection Fund of Uganda (DPF)

Job Title:             Assistant Manager – Information Security

Organization:  Deposit Protection Fund of Uganda (DPF)

Duty Station:   Kampala, Uganda

Reports to:      Head Information Technology

About US:

The Deposit Protection Fund of Uganda (DPF) is a Ugandan government agency that provides deposit insurance to depositors in Ugandan Banks, Credit Institutions and Microfinance Deposit-taking Institutions (MDIs).

Job Summary:    The Assistant Manager – Information Security drives the IT security strategy and implementation whilst protecting the Fund from security threats and cyber-attacks. Accordingly, a key element of the Manager’s role is working with Management to determine acceptable levels of risk for the Fund. He or she also ensures IT operational compliance to ISO and other relevant standards.

Key Duties and Responsibilities:  

  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
  • Work directly with the business units to facilitate risk assessment and risk management processes.
  • Develop and enhance an information security management framework.
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services.
  • Partner with the Fund’s stakeholders to raise awareness of risk management concerns.
  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
  • Develop professionally written policy and procedure proposals that clearly articulate the Fund’s value proposition.
  • Effectively communicates expectations and responsibilities to all staff, Board of Directors and stakeholders.
  • Actively listens and addresses IT information security issues and concerns promptly.
  • Provide regular updates on the status of the Information Security to Management.
  • Oversees information security awareness training programs for all approved systems users.
  • Coordinates information security and risk management with other business units
  • Develops, maintains, and ensures adherence to policies and procedures related to IT security/privacy.
  • Ensures continued compliance of the Information Security Program with applicable laws and regulations.
  • Develops and reviews security policies and standards.
  • Conducts information security risk assessments and develops actionable plans to protect the Fund.
  • Oversees the dissemination of cybersecurity policies, standards, best practices and education to technical personnel with privileged access.
  • Oversees security operations center activities and ensures prevention and detection mechanisms and practices remain current with cyber threats.
  • Manages major incident containment, investigation, communication and reporting activities.
  • Reviews and updates security team member roles and responsibilities.
  • Establishes goals, objectives, priorities and performance expectations for the Information Security Office, security teams and security team members.
  • Aligns system-level objectives with organizational strategic plans.
  • Develops operating budget and capital requests.
  • Monitors financial performance and adjusts resources to maximize profitability while maintaining exceptional quality and service.
  • Continuously monitors and assesses the effectiveness of the Fund’s Information Security Program, and initiates, develops, and implements tactical and strategic changes in response to changes strategies, operations and the information security threat landscape.
  • Oversee the overall security architecture, strategy, and necessary budget.
  • Oversee cyber incident response planning.
  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
  • Conducts research and provide updates on industry trends, standards and practices.
  • Creates, communicate and implements a risk-based process for vendor risk management.
  • Maintain a current understanding of the cyber threat landscape.
  • Constantly updates the cybersecurity defense technologies to leverage new technology and threat information.
  • Performs other work-related duties as assigned, within your scope of practice.

Key Results:

  • IT configuration documents and status reports.
  • Periodic training needs assessments and quality reviews.
  • Test Plans for business applications, testing schedules and reports.
  • Service Call updates, IT system incidents, applications and database status reports.
  • Technical documentation of IT Policies, Current Practices (MCPs), Standard Operating Procedures (SOPs) and Technical feature specifications for new systems.
  • Presentations to the Executive Management and/or the Board of Directors.

Qualifications, Skills and Experience:

  • The ideal candidate for the Deposit Protection Fund of Uganda (DPF) Assistant Manager – Information Security job placement must hold a first-class or upper second-class bachelor’s degree in computer science, information systems management or related field, from an accredited institution, is essential.
  • Professional IT security management certification in one or more of the following professional certifications: CISCO, CISSP, CISM, CGEIT, SANS/GIAC is essential.
  • 5+ years of experience in a combination IT information security or related field is essential.
  • A Master’s degree in a relevant field is desired.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST is desired.
  • Experience with contract and vendor negotiations and management including managed services is desired.
  • Specific experience in Agile (scaled) software development or other best in class development practices is desired.
  • Experience with cloud computing or elastic computing across virtualized environments is desired.

Competencies:

Technical Competencies

  • Previous IT information security experience.
  • Experience in IT project management.
  • Risk Assessment experience.
  • Technical knowledge of different types of networking, applications and operating systems.
  • HIPAA and PCI DSS regulatory compliance knowledge.
  • Excellent verbal and written communication skills.

Behavioral Competencies

  • Accountability and Dependability: Takes personal responsibility for the quality and timeliness of work and achieves results with little oversight.
  • Transparency and Integrity: Earns others’ trust and respect through consistent honesty and professionalism in all interactions.
  • Team spirit and collaboration: Promotes cooperation and commitment within the team to achieve the Fund’s organizational goals and deliverables. Builds constructive working relationships characterized by a high level of acceptance, cooperation, and mutual respect
  • Adaptability and Flexibility: Adapts to changing needs, conditions, and work responsibilities.
  • Self-Management and thoroughness: effectively manage own time, priorities, and resources to achieve goals. Ensures that work is complete and accurate and independently follows up with others to ensure that agreements and commitments have been fulfilled.
  • Communication: Shares and receives information using clear oral, written and interpersonal communication skills.
  • Stress Tolerance and tact: Maintains composure in highly stressful or adverse situations, diplomatically handles challenging or tense interpersonal situations.
  • Employee Engagement and enthusiasm: Demonstrates commitment to the job, colleagues, the Fund and its mission by acting in ways that further the accomplishment of its goals.
  • People Management: Leads and engages people to maximize organizational and individual performance through alignment with the Fund’s mission and attainment of strategic and operational goals.
  • Coaching and Mentoring: Enables co-workers to grow and succeed through feedback, instruction, and encouragement. Influences others to be excited and committed to furthering the Fund’s objectives. ability to gain other’s support for ideas, proposals, and solutions.

How to Apply:

All suitably qualified and interested candidates are encouraged to apply online at the link below.

Click Here

Deadline: 30th January 2020 by 5:00pm

: List of Current Job Vacancies / Opportunities in Uganda

: Uganda Jobs January , February, March, April, May, June, July, August, September, October, November, December

Sponsored Links