ICT Risk Officer job at NCBA Bank

September 14, 2024

NCBA Bank

ICT Risk Officer job Post

Location:  Jobs in Uganda 2024 - 2025


Work Hours: Full-time, 08 hours per day

Salary: UGX

No. of vacancies: 01

Deadline: 20 September 2024

Hiring Organization: NCBA Bank

Job Details:

Job Title: Officer, ICT Risk Reports to: Head of Risk

Unit: Enterprise Risk Department Department: Risk & Control

 

Job Purpose Statement


The purpose of this role is to provide continuous independent assurance on NCBA Bank’s information systems security, specifically on integrity, confidentiality and availability of information by ensuring appropriate security controls are in place to protect the Bank’s asset from ICT related risks while at the same time managing compliance of the Bank’s ICT and information security policies with laws, regulatory guidelines and applicable standards.


Key Accountabilities (Duties and Responsibilities)


Responsible for supporting the achievement of profitability of the bank through management/ cost savings of set departmental budgets.


Internal business


  • Threat and Vulnerability Assessment: Collaborate with internal stakeholders to assess threats to information assets, identify vulnerabilities, and recommend risk mitigation measures to reduce residual risk to acceptable levels.
  • Risk Assessments: Conduct ICT risk assessments of the Bank's systems and provide recommendations for appropriate and adequate IT security controls to mitigate ICT risks.
  • Process Review: Review ICT processes, including Information Security, Security Operations, IT governance, and IT asset management, to identify deficiencies and recommend improvements.
  •  IT Risk Guidance: Provide guidance to departments on IT risk management topics, including compliance with standards and policies and ensuring alignment with the Bank’s risk appetite.
  • ICT Controls Review: Continuously assess the effectiveness of existing ICT controls and recommend improvements as necessary.
  •  Risk Appetite Alignment: Ensure that the Bank’s ICT risk management practices align with the risk appetite and tolerance defined by senior management and key
  • Risk Register Management: Ensure the completeness and accuracy of the ICT & BCM risk register. Policy and Standard Evaluation: Evaluate information systems policies, standards, and procedures to ensure they meet both internal and external requirements
  •  Risk Response: Identify and evaluate risk response options, providing management with the necessary information to make informed decisions.
  •  Risk Posture Monitoring: Monitor the Bank’s ICT risk posture and communicate findings to relevant stakeholders to maintain the effectiveness of the enterprise risk management strategy.
  •  Regulatory Compliance: Conduct periodic reviews to ensure compliance with internal policies and regulatory requirements.
  • Collaboration: Work closely with other enterprise risk team members on multiple projects to proactively identify and mitigate IT risk concerns.
  • Framework Development: Support the development and enhancement of IT risk management practices, frameworks, and methodologies.
  • Drive customer satisfaction through adherence of set SLAs and issuing stakeholders timely feedback. Promote ICT/information security awareness within the Bank by providing guidance, consulting and coordinating relevant programs to ensure an IS complaint culture
  • Learning and growth- Responsible for delivering the performance objectives set and managing his/her own learning and development to build capacity and avail him/herself for coaching and training opportunities.

ARE YOU INTERESTED IN THIS JOB?, CLICK HERE TO SEE THE FULL JOB DESCRIPTION AND APPLICATION PROCEDURES.

WE WISH YOU GOOD LUCK

Date Posted: 2024-09-14

MORE JOBS IN UGANDA HERE

CLICK HERE TO FOLLOW OUR JOB SHARING WHATSAPP CHANNEL FOR ALL THE DAILY JOB UPDATES

CLICK HERE TO FOLLOW US ON 'X' FORMERLY 'TWITTER'


Riyow

Posted by Riyow