DEADLINE: 19/05/2025

Information Security & Business Continuity Officer

Full-time

FINCA is hiring an Information Security & Business Continuity Officer responsible for coordinating information security and IT related business continuity initiatives within the organization and ensuring that the organization is compliant to the laid down requirements as stipulated in governing policies. The Information Security & Business Continuity Officer will also be responsible for ensuring the implementation of measures towards compliance with applicable data protection and privacy laws and regulations.

 

  1. Coordinating Business and Information Technology Continuity Planning and DR testing across FINCA Uganda Business Units and infrastructure
  2. Assessing and documenting cyber security posture of 3rd party vendors and their services against FINCA Uganda standards.
  3. Facilitating implementation and maintenance of IT Security controls within FINCA Uganda and ensuring delivery of assigned IT security tasks/activities
  4. Acting as cyber security subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support.
  5. Working with IT staff to resolve identified cyber security issues/concerns and developing recommendations for cybersecurity improvements
  6. Communicating and collaborating with internal clients to contribute to security direction, and providing influence and technical guidance on current and future technical directions
  7. Periodically reviewing activity logs / audit trails of the various bank IT systems, privileged accounts, monitoring security logs and incidents including performing investigations and follow-up on implementation of remedial actions
  8. Organizing and conducting system user access reviews and recertification on a quarterly basis.
  9. Utilizing appropriate tools to evaluate business environment against security policy and risk posture in terms of;
  • Network vulnerability scanning
  • Device configuration management
  • Application testing
  • Network monitoring
  • Log review
  • Threat modelling
  • Source code review
  1. Conducting system risk assessments as per the Risk Management workplan and driving actions and enhancement of controls based on lessons learned from Root Cause Analysis
  2. Supporting the Head of Risk Management in checking and ensuring closure of internal & external audit issues, RCSA and updating of risk registers for Products and Innovations and Information technology.
  3. Monitoring the Information Technology key risk indicators.
  4. Supporting any ongoing projects especially the Core Banking System post implementation assessments and the digital transformation projects.
  5. Supporting the Head of Risk Management in coordinating information security Risk awareness in FINCA Uganda through forums, training sessions etc
  6. Providing input in the annual Information Technology Security Budget cycle
  7. Developing and maintaining documentation of relevant Information Technology Systems and Security controls.
  8. Assessing and documenting Information Technology technical compliance of FINCA Uganda and providing recommendations for FINCA Uganda security policies.
  9. Perform any other duties as assigned by management from time to time.
  10. Ensuring implementation and FINCA Uganda’s compliance with applicable Data Protection and Privacy laws and regulations, including;
  • Serve as the primary point of contact within FINCA Uganda’s for members of staff, regulators, and other relevant public bodies on issues related to data protection and privacy.
  • Ensure regular training and other awareness culture initiatives on data protection and privacy are conducted.
  • Conduct regular assessments and audits to ensure compliance with applicable data protection and privacy regulations.
  • Work with key internal stakeholders in the review of business initiatives such as projects to ensure compliance with applicable data protection and privacy requirements, and where necessary, complete and advise on privacy impact assessments.
  • Ensure that FINCA Uganda’s IT systems and procedures comply with the relevant data protection and privacy laws and regulations, including the retention and destruction of data.
  • Maintain records of all data processing activities carried out by FINCA Uganda.
  • Maintain a record of all data assets and exports and a data security incident management plan to ensure timely remediation of incidents.

Qualifications and Experience

To perform the job successfully, an individual should demonstrate the following competencies:

  • Must be a team player and possess excellent inter-personal skills; be an active listener; and possess good telephone and e-mail etiquette.
  • Extensive multi-tasking and prioritization skills
  • Ability to work beyond official hours if required to do so.
  • Capability to maintain a high level of confidentiality.
  • Strong verbal and written communication skills.
  • Proactive self-starter demonstrates initiative and works independently with minimum supervision.

 

CLICK HERE TO APPLY

finca - Jobs in Uganda

About FINCA

Industry: Banking
Location: Kampala, Uganda

Share job on social media

More Jobs

IT

IT Intern (2)

Letshego Uganda

Engineering

Machine Specialist

Nile Breweries Limited