Information Security & Business Continuity Officer
2025-05-06T02:40:29+00:00
Finca Uganda Limited
https://cdn.greatugandajobs.com/jsjobsdata/data/employer/comp_1217/logo/finca.png
https://finca.ug/
FULL_TIME
kampala
Kampala
00256
Uganda
Financial Services
Management
2025-05-19T17:00:00+00:00
Uganda
8
SUMMARY
The Information Security & Business Continuity Officer is responsible for coordinating information security and IT related business continuity initiatives within the organization and ensuring that the organization is compliant to the laid down requirements as stipulated in governing policies. The Information Security & Business Continuity Officer will also be responsible for ensuring the implementation of measures towards compliance with applicable data protection and privacy laws and regulations.
- Coordinating Business and Information Technology Continuity Planning and DR testing across FINCA Uganda Business Units and infrastructure
- Assessing and documenting cyber security posture of 3rd party vendors and their services against FINCA Uganda standards.
- Facilitating implementation and maintenance of IT Security controls within FINCA Uganda and ensuring delivery of assigned IT security tasks/activities
- Acting as cyber security subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support.
- Working with IT staff to resolve identified cyber security issues/concerns and developing recommendations for cybersecurity improvements
- Communicating and collaborating with internal clients to contribute to security direction, and providing influence and technical guidance on current and future technical directions
- Periodically reviewing activity logs / audit trails of the various bank IT systems, privileged accounts, monitoring security logs and incidents including performing investigations and follow-up on implementation of remedial actions
- Organizing and conducting system user access reviews and recertification on a quarterly basis.
- Utilizing appropriate tools to evaluate business environment against security policy and risk posture in terms of;
- Network vulnerability scanning
- Device configuration management
- Application testing
- Network monitoring
- Log review
- Threat modelling
- Source code review
- Conducting system risk assessments as per the Risk Management workplan and driving actions and enhancement of controls based on lessons learned from Root Cause Analysis
- Supporting the Head of Risk Management in checking and ensuring closure of internal & external audit issues, RCSA and updating of risk registers for Products and Innovations and Information technology.
- Monitoring the Information Technology key risk indicators.
- Supporting any ongoing projects especially the Core Banking System post implementation assessments and the digital transformation projects.
- Supporting the Head of Risk Management in coordinating information security Risk awareness in FINCA Uganda through forums, training sessions etc
- Providing input in the annual Information Technology Security Budget cycle
- Developing and maintaining documentation of relevant Information Technology Systems and Security controls.
- Assessing and documenting Information Technology technical compliance of FINCA Uganda and providing recommendations for FINCA Uganda security policies.
- Perform any other duties as assigned by management from time to time.
- Ensuring implementation and FINCA Uganda’s compliance with applicable Data Protection and Privacy laws and regulations, including;
- Serve as the primary point of contact within FINCA Uganda’s for members of staff, regulators, and other relevant public bodies on issues related to data protection and privacy.
- Ensure regular training and other awareness culture initiatives on data protection and privacy are conducted.
- Conduct regular assessments and audits to ensure compliance with applicable data protection and privacy regulations.
- Work with key internal stakeholders in the review of business initiatives such as projects to ensure compliance with applicable data protection and privacy requirements, and where necessary, complete and advise on privacy impact assessments.
- Ensure that FINCA Uganda’s IT systems and procedures comply with the relevant data protection and privacy laws and regulations, including the retention and destruction of data.
- Maintain records of all data processing activities carried out by FINCA Uganda.
- Maintain a record of all data assets and exports and a data security incident management plan to ensure timely remediation of incidents.
To perform the job successfully, an individual should demonstrate the following competencies:
- Must be a team player and possess excellent inter-personal skills; be an active listener; and possess good telephone and e-mail etiquette.
- Extensive multi-tasking and prioritization skills
- Ability to work beyond official hours if required to do so.
- Capability to maintain a high level of confidentiality.
- Strong verbal and written communication skills.
- Proactive self-starter demonstrates initiative and works independently with minimum supervision.
Key duties and responsibilities Coordinating Business and Information Technology Continuity Planning and DR testing across FINCA Uganda Business Units and infrastructure Assessing and documenting cyber security posture of 3rd party vendors and their services against FINCA Uganda standards. Facilitating implementation and maintenance of IT Security controls within FINCA Uganda and ensuring delivery of assigned IT security tasks/activities Acting as cyber security subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support. Working with IT staff to resolve identified cyber security issues/concerns and developing recommendations for cybersecurity improvements Communicating and collaborating with internal clients to contribute to security direction, and providing influence and technical guidance on current and future technical directions Periodically reviewing activity logs / audit trails of the various bank IT systems, privileged accounts, monitoring security logs and incidents including performing investigations and follow-up on implementation of remedial actions Organizing and conducting system user access reviews and recertification on a quarterly basis. Utilizing appropriate tools to evaluate business environment against security policy and risk posture in terms of; Network vulnerability scanning Device configuration management Application testing Network monitoring Log review Threat modelling Source code review Conducting system risk assessments as per the Risk Management workplan and driving actions and enhancement of controls based on lessons learned from Root Cause Analysis Supporting the Head of Risk Management in checking and ensuring closure of internal & external audit issues, RCSA and updating of risk registers for Products and Innovations and Information technology. Monitoring the Information Technology key risk indicators. Supporting any ongoing projects especially the Core Banking System post implementation assessments and the digital transformation projects. Supporting the Head of Risk Management in coordinating information security Risk awareness in FINCA Uganda through forums, training sessions etc Providing input in the annual Information Technology Security Budget cycle Developing and maintaining documentation of relevant Information Technology Systems and Security controls. Assessing and documenting Information Technology technical compliance of FINCA Uganda and providing recommendations for FINCA Uganda security policies. Perform any other duties as assigned by management from time to time. Ensuring implementation and FINCA Uganda’s compliance with applicable Data Protection and Privacy laws and regulations, including; Serve as the primary point of contact within FINCA Uganda’s for members of staff, regulators, and other relevant public bodies on issues related to data protection and privacy. Ensure regular training and other awareness culture initiatives on data protection and privacy are conducted. Conduct regular assessments and audits to ensure compliance with applicable data protection and privacy regulations. Work with key internal stakeholders in the review of business initiatives such as projects to ensure compliance with applicable data protection and privacy requirements, and where necessary, complete and advise on privacy impact assessments. Ensure that FINCA Uganda’s IT systems and procedures comply with the relevant data protection and privacy laws and regulations, including the retention and destruction of data. Maintain records of all data processing activities carried out by FINCA Uganda. Maintain a record of all data assets and exports and a data security incident management plan to ensure timely remediation of incidents.
Qualifications and Experience To perform the job successfully, an individual should demonstrate the following competencies: Must be a team player and possess excellent inter-personal skills; be an active listener; and possess good telephone and e-mail etiquette. Extensive multi-tasking and prioritization skills Ability to work beyond official hours if required to do so. Capability to maintain a high level of confidentiality. Strong verbal and written communication skills. Proactive self-starter demonstrates initiative and works independently with minimum supervision.
No Requirements
JOB-6819769d67abe
Vacancy title:
Information Security & Business Continuity Officer
[Type: FULL_TIME, Industry: Financial Services, Category: Management]
Jobs at:
Finca Uganda Limited
Deadline of this Job:
Monday, May 19 2025
Duty Station:
kampala | Kampala | Uganda
Summary
Date Posted: Tuesday, May 6 2025, Base Salary: Not Disclosed
Similar Jobs in Uganda
Learn more about Finca Uganda Limited
Finca Uganda Limited jobs in Uganda
JOB DETAILS:
SUMMARY
The Information Security & Business Continuity Officer is responsible for coordinating information security and IT related business continuity initiatives within the organization and ensuring that the organization is compliant to the laid down requirements as stipulated in governing policies. The Information Security & Business Continuity Officer will also be responsible for ensuring the implementation of measures towards compliance with applicable data protection and privacy laws and regulations.
- Coordinating Business and Information Technology Continuity Planning and DR testing across FINCA Uganda Business Units and infrastructure
- Assessing and documenting cyber security posture of 3rd party vendors and their services against FINCA Uganda standards.
- Facilitating implementation and maintenance of IT Security controls within FINCA Uganda and ensuring delivery of assigned IT security tasks/activities
- Acting as cyber security subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and support.
- Working with IT staff to resolve identified cyber security issues/concerns and developing recommendations for cybersecurity improvements
- Communicating and collaborating with internal clients to contribute to security direction, and providing influence and technical guidance on current and future technical directions
- Periodically reviewing activity logs / audit trails of the various bank IT systems, privileged accounts, monitoring security logs and incidents including performing investigations and follow-up on implementation of remedial actions
- Organizing and conducting system user access reviews and recertification on a quarterly basis.
- Utilizing appropriate tools to evaluate business environment against security policy and risk posture in terms of;
- Network vulnerability scanning
- Device configuration management
- Application testing
- Network monitoring
- Log review
- Threat modelling
- Source code review
- Conducting system risk assessments as per the Risk Management workplan and driving actions and enhancement of controls based on lessons learned from Root Cause Analysis
- Supporting the Head of Risk Management in checking and ensuring closure of internal & external audit issues, RCSA and updating of risk registers for Products and Innovations and Information technology.
- Monitoring the Information Technology key risk indicators.
- Supporting any ongoing projects especially the Core Banking System post implementation assessments and the digital transformation projects.
- Supporting the Head of Risk Management in coordinating information security Risk awareness in FINCA Uganda through forums, training sessions etc
- Providing input in the annual Information Technology Security Budget cycle
- Developing and maintaining documentation of relevant Information Technology Systems and Security controls.
- Assessing and documenting Information Technology technical compliance of FINCA Uganda and providing recommendations for FINCA Uganda security policies.
- Perform any other duties as assigned by management from time to time.
- Ensuring implementation and FINCA Uganda’s compliance with applicable Data Protection and Privacy laws and regulations, including;
- Serve as the primary point of contact within FINCA Uganda’s for members of staff, regulators, and other relevant public bodies on issues related to data protection and privacy.
- Ensure regular training and other awareness culture initiatives on data protection and privacy are conducted.
- Conduct regular assessments and audits to ensure compliance with applicable data protection and privacy regulations.
- Work with key internal stakeholders in the review of business initiatives such as projects to ensure compliance with applicable data protection and privacy requirements, and where necessary, complete and advise on privacy impact assessments.
- Ensure that FINCA Uganda’s IT systems and procedures comply with the relevant data protection and privacy laws and regulations, including the retention and destruction of data.
- Maintain records of all data processing activities carried out by FINCA Uganda.
- Maintain a record of all data assets and exports and a data security incident management plan to ensure timely remediation of incidents.
To perform the job successfully, an individual should demonstrate the following competencies:
- Must be a team player and possess excellent inter-personal skills; be an active listener; and possess good telephone and e-mail etiquette.
- Extensive multi-tasking and prioritization skills
- Ability to work beyond official hours if required to do so.
- Capability to maintain a high level of confidentiality.
- Strong verbal and written communication skills.
- Proactive self-starter demonstrates initiative and works independently with minimum supervision.
Work Hours: 8
Experience: No Requirements
Level of Education: bachelor degree
Job application procedure
Interested in applying for this job? Click here to submit your application now.
All Jobs | QUICK ALERT SUBSCRIPTION
