Manager- Information Risk - Jobs in Uganda: JobAdverts.UG
Post A Job

Manager- Information Risk

  • Full Time
  • Uganda

DFCU Bank

Reporting to the Head- Information Risk, the role holder will be responsible for upholding confidentiality, integrity and availability of the information technology environment by ensuring responsibility for ongoing risk assessment, evaluation of appropriate security controls, development and monitoring of policies and standards, security awareness and proactive compliance with industry regulations related to information security.

KEY ACCOUNTABILITIES:

  • Work closely with Information Technology professionals responsible for user security and access controls to ensure the review of privileged levels of access and changes to the technology environment for risk.
  • Oversight of the vulnerability management program.
  • Develop the information security workplan, policies and standards in conjunction with the technology team within the Bank.
  • Develop and maintain information security risk assessments designed to evaluate inherent risks, controls, and residual risks. Effectively advocate within the business for security controls that mitigate unacceptable risks.
  • Oversee information security awareness activities for bank employees and customers. Ensure that bank culture maintains a commitment to security.
  • Support the first line to design, implement, and maintain the organization’s cybersecurity plan. Perform assurance checks on this plan.
  • Perform assessment of IT security controls and evaluate results relative to risk assessment.
  • Work with Information Technology and other business unit stakeholders during project and product development efforts and work as well with Business Technology to ensure that appropriate IT security controls are considered during vendor selection and development efforts.
  • Monitor regulations and technology trends that affect financial institutions. Evaluate compliance and develop plans for compliance with regards to information security. Educate bank employees and act as a champion for compliance throughout the bank.
  • Establish and maintain successful external relationships with security technology and service providers, industry experts, local law enforcement, industry consortiums, and regulatory agencies.
  • Ensure the integrity of Information Security controls in the business through enforcement of self-assessments (RCA/KRIs) and giving prompt feedback to the first line of defence. Actively participate in a robust review and challenge process with technology inclined units on their Risk & Control Assessments and overall performance.
  • Follow up and ensure that all Technology related Internal/External Audit and BOU inspection findings have been fully resolved and that no repeat findings arise in subsequent audits.
  • Conduct periodic risk-based Unit assurance reviews to monitor how effective their risk management practices are and recommend remedial actions where there are control weaknesses.
  • Support the bank’s digital strategy by providing assurance to the bank projects while ensuring any risks/threats to the bank’s technology platforms are proactively identified, assessed and an appropriate mitigation strategy is in place. Ensure that material risks are reported to relevant stakeholders.
  • Coordination of the bank’s Business Continuity Management activities including review of the Disaster Recovery Plan, testing of this plan and quality assurance of the same.
  • Monitoring and review of IT related SLAs.
  • Develop and maintain a procedure for monitoring system support and performance levels.

KNOWLEDGE, SKILLS, AND EXPERIENCE REQUIRED:

  • Bachelors or Graduate Degree with sufficient background in Information Security and Business Management disciplines.
  • Professional Digital Security certifications in relevant technologies such as CISSP, CISM, CRISC, CISA, or certifications in platforms like Microsoft or Cloud Computing, will be an added advantage.
  • 7 years’ working experience of which three (3) should be in an Information Security related role.
  • Experience managing projects and programs to achieve information security objectives.
  • Demonstrated exceptional written and verbal communication skills.
  • Understanding of current technology and regulatory trends affecting financial institution information security programs.
  • Excellent interpersonal skills and the ability to work effectively with people in a wide range of positions and levels.
  • Demonstrated ability to analyze security and technology control effectiveness.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Good analytical decision-making skills to enable the effective handling of all systems while retaining the integrity of data.
  • Ability to be proactive and lead cross-functional teams to achieve information security objectives.
  • Good report writing techniques in order to review and redesign operational and management information reports to suit departmental reporting purposes.
  • Excellent communications and engagement skills.
  • Strong attention to detail and personal effectiveness.
  • High level of integrity and standards.
  • Self-drive and initiative.
  • Customer Dedication and Community Immersion.
  • Relationship Building.
  • Team Player.
  • Creative Initiative.
  • Unafraid to take responsibility, partner with the business whilst retaining independence to provide challenge to the business.
  • Ability to work effectively with local contemporaries and peers in other clusters and regions to maintain a collaborative culture.

INVITATION

If you believe you meet the requirements as noted above, please use the link below to apply.

careers.dfcugroup.com

Once there, click on “Career Opportunities” to get started. (We recommend using Google Chrome for the best experience.)

Deadline: Friday 19th June 2026

Only short-listed candidates will be contacted.

Related Jobs

Showing 1 - 4 of 30 jobs

To apply for this job email your details to info@jobadverts.ug

Job Location