Senior Information Risk Officer Job Opportunities – MTN-Uganda
Job Title: Senior Information Risk Officer
Organization: MTN-Uganda
Duty Station: Kampala, Uganda
Reports to: Senior Manager Information Risk
About US:
MTN-Uganda is the leading telecommunications Company in Uganda, providing payphone, fixed lines, fax/data, internet and mobile services.
Job Summary: The Senior Information Risk Officer is responsible for the oversight on information risks identified or/and owned by business, working with Business Unit Senior Managers along with other risk professionals in BRM to ensure that the information risks to the business are identified, assessed, mitigated, monitored and reported.
Key Duties and Responsibilities:
- Tasked with supporting the implementation of the MTN group risk management strategy and framework as it relates to technology/information risk
- Develop, manage and implement the information security risk assurance plans
- The jobholder will manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
- Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions;
- Offer technical guidance on products and information security controls;
- Ensure that risks envisaged in planned new systems, products & services, projects and, data migrations are flagged early, escalated as appropriate and resolved quickly.
- Evaluate and/or test solutions/systems and ensure appropriate information security requirements and controls have been considered and incorporated into these, where necessary support the remediation of findings;
- Report information security risks in an appropriate way for different audiences;
- Manage information security investigations and incident management;
- Provide support to digital forensics
Qualifications, Skills and Experience:
- The applicant for the MTN Uganda Senior Information Risk Officer job placement must possess a Bachelor’s degree in information technology/ systems, computer science, computer/ electronic engineering or related field.
- Professional risk qualification with preferably two years post-qualification experience in a complex technology and/or financial services organization e.g. CISM, CISA, CISSP
- Membership/Affiliation with Risk Management bodies e.g. ISACA
- Training in Corporate Governance, Information and/or Security Risk, Regulatory Compliance
- A minimum of five years’ experience in information security governance, risk and compliance;
- Previous exposure and experience in interpreting and understanding an organization’s technical and business environment;
- Experience in developing the appropriate information security governance and compliance measures;
- Experience in information security risk and incident management, business continuity, disaster recovery, information security incident management, auditing and conducting assessments;
- Experience in assessments against international information security standards and/or best practice such as the ISO 27000 series, NIST 800 series, COBIT;
- Demonstrated ability to analyze large volumes of data using data analytical tools e.g. ACL or SQL
- Extensive knowledge of corporate Governance frameworks e.g. ISO27001, NIST, COBIT, Sarbanes Oxley, King IV, etc.
- Data Governance knowledge
- Project Management abilities, including escalation of issues
- Strong written and verbal skills
- Analytical thinking and lateral creativity
- Excellent interpersonal and communication skills
- Ability to present and report on complex information in an innovative and informative way.
- Ability to work under pressure to meet reporting deadlines
- Consistent demonstration of excellent written and verbal communication
- Possess a highly collaborative attitude
- Good conflict handling as well as resolution skills
- Possess an Inquisitive mindset that is skewed to research
- High levels of personal Integrity
NB: Please note that presentation of false academic documents and certification will lead to criminal prosecution.
How to Apply:
All suitably qualified and interested candidates should send their applicationswith detailed CVs, certified copies of certificates (originals are to be presented at the interview) and names and addresses of three referees to RecruitmentOfficer, MTN- Uganda, P.O. Box 24624, Kampala, (MTN Towers).
Deadline: 14th July 2017
See List of Current Job Vacancies / Opportunities in Uganda