Header

IT RISK OFFICER BANK OF AFRICA

BANK OF AFRICA – UGANDA Ltd. is part of GROUPE BANK OF AFRICA (BOA) comprising fifteen commercial banks, three leasing companies, two life-insurance companies, two investment companies, a stock brokerage company and an ICT subsidiary. It spans 14 African countries namely Uganda, Kenya, Tanzania. Benin. Burkina Faso, Cote D’lvoire, Madagascar, Mali, Niger, Senegal, Burundi, Ghana, Djibouti, DR Congo as well as representative office in France. BOA employs over 4,000 people and believes in transparency, expertise, proximity and responsibility. BOA – UGANDA is seeking applications from suitably qualified persons who are accomplished to take up the following positions.

IT RISK OFFICER

Location: Head Office
Reporting to: Head of Risk and Compliance
Positions supervised: None
Grade: Assistant Manager Level, BG5

Overall role: The role holder will partner with various stakeholders of the business to assess relevant IT and IS systems whilst adopting a risk based approach. To provide IT expertise with regards to Information Security and other IT-related business processes and oversee the ongoing management of information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of all of the Bank’s information systems. To ensure that the access control, disaster recovery, business continuity, incident response, and risk management needs of the Bank are properly addressed; and to measure, analyze, monitor and control the Bank’s risk exposures.
Key Responsibilities:
1. Prepare, implement and review the Bank’s IT security policy, procedures, controls and standards for both existing and new applications;
2. Ensure reviews are conducted to ensure that all systems have effective, quality IT security documentation in place, including: Qualitative risk assessments; Current and effective IT security plans; Annual system self-assessments; Current and tested contingency plans; and Current certification and accreditation.
3. Conduct self-assessments of the Bank’s IT Security Program to ensure the Bank’s effective implementation of and compliance with established policies and procedures;
4. Address/correct any weakness identified during assessments and audit exercises;
5. Monitor business systems through adequate audit logging, scanning, and monitoring processes;
6. Establish and implement a process to ensure that all users receive periodic IT security awareness briefings and copies of rules of behavior, are trained to fulfill their IT security responsibilities, and understand the consequences of non-compliance;
7. Monitor, document and ensure resolution of all incidents, implement incident handling and escalation procedures, and report all incidents to the Head of Risk and Compliance;
8. Ensure mat IT security is addressed in the development and acquisition process of information systems and security related products and services;
9. Monitor and enforce internal risk policies (e.g., credit , market risk, operational risk policy);
10. Report violations of risk policy with a proposal of appropriate measures;
11. Assist the business/support units to manage and implement risk management mechanisms;
12. Monitor developments in risk management approaches in the industry, assess viability and recommend actions for implementation;
13. Monitor targets/Key Performance Indicators (KPIs) across functions; and
14 Perform any other duties that may be assigned from time to time by the Head of Risk and Compliance.
Requirement:

Knowledge, Skills and Experience
• Bachelors Degree ICT, Computer Science or a related field
• CISA and other related Certified / Professional qualification in ICT an added advantage
• 3 years’ experience with exposure to reviewing and advancing IT Security in a bank environment
• Experience in assessing technology risk
Salary: - USD/month
How to apply:

Applicants should send job applications, up-to dale curriculum vitae and copies of academic certificates through courier or hand delivery to the address below by 18th June 2012. Your application should include three references, none of whom should be your relative and all of whom should have supervised you, taught you or known you through your work. Only short listed applicants will be contacted. If you do not hear from us by 30* June 2012 please consider your application as unsuccessful.
THE MANAGING DIRECTOR BANK OF AFRICA – UGANDA Ltd Plot 45 Jinja Road P.O. Box 2750, Kampala