IT Security Officer
Full-time
BRAC Uganda Bank Ltd is hiring an IT Security Officer who will safeguard Brac Uganda Bank Ltds information technology assets and data from security threats which involves implementing and managing security measures to protect the confidentiality, integrity and availability of information.
Duty Station: Kampala, Uganda
Reports to: Chief Information Security Officer
Key Duties and Responsibilities:
-
- Implementing information security safeguards and testing their functionality and effectiveness
- Coordinate system security configurations, patching and vulnerability
- assessment Implement solutions to the identified vulnerabilities
- Provide security awareness training to employees to enhance their understanding of cyber security trends and best practices.
- Make periodic reports to Management on cyber security posture, breaches, attacks and feedback from awareness surveys.
- Keep Management up to date with the new cybersecurity Trends.
- Implement, maintain, and enforce policies, procedures, measures, and mechanisms to protect the confidentiality, integrity, and availability of information at BUBL.
- Implement and manage perimeter & Web Access firewalls, intrusion detection/prevention systems, and other network security programs
- Monitor network traffic for suspicious activity, respond & contain cyber security incidents
- Implement and manage endpoint protection, and mobile device security
- Ensure that all devices connected to the network comply with security policies.
- Oversee user access controls and permissions
- Implement and administer identity awareness & access management systems to ensure only authorized least privilege access to sensitive data and systems.
- Develop and maintain an incident response and containment plan.
- Lead efforts to investigate and respond to security incidents, breaches, and other security-related events
- Collaborate with Risk, Internal and External auditors to address cyber security concerns.
- Participate in systems Development life cycle of all new IT systems and identify weakness in new systems. guide management of such weaknesses and make recommendations
- Monitor security alerts and events to identify and respond to potential threats.
- Develop and implement information security and disaster discovery programs in accordance with approved information security standards Monitor access & logging to all systems and maintain access control profiles on computer networks and systems
Qualifications, Skills and Experience:
- Bachelor’s degree in computer science or related field.
- At least Minimum of 2 years of experience in IT security and risk management area.
- Professional qualifications like Certified Ethical Harker (CEH), Computer Hacking Forensic Investigator (CHFI) Certification, Certified Information System Auditor (CISA), or Certified Information Systems Security Professional (CISSP) will be an advantage
Knowledge, Skills & Competences
- IT Risk assessment and mitigation
- System and Infrastructure Security Architecture Design and integration.
- Ability to communicate security-related concepts to a broad range of technical and non-technical staff.
- Solid experience in cyber security controls and incident handling
- Strong knowledge of banking regulations / guidelines relating to cyber security and technology risk management
- Strong self-motivation, an independent thinker, communication, interpersonal and analytical skills
- In-depth knowledge and experience in the following information security areas.
- Vulnerability scanning and auditing tools
- Enterprise-scale network and host-based IDS architectures
- Enterprise-scale firewall architectures
- Secure messaging architectures
How to Apply:
Interested candidates should email their application letter, Curriculum Vitae, and copies of relevant academic documents, IN PDF FILE mentioning the job title as the subject matter to [email protected] All applications should be addressed to the Head Human Resource BRAC Uganda Bank Ltd.
Deadline: 3rd February 2025
Note: Only shortlisted candidates will be contacted.
