Vacancy title:
ICT Risk Officer

[Type: FULL_TIME, Industry: Professional Services, Category: Computer & IT]

Jobs at:
Brac

Deadline of this Job:
Tuesday, November 11 2025

Duty Station:
kampala | Kampala | Uganda

Summary
Date Posted: Monday, November 3 2025, Base Salary: Not Disclosed

Similar Jobs in Uganda
Learn more about Brac
Brac jobs in Uganda

JOB DETAILS:

PURPOSE OF THE ROLE

The IT Risk Officer will assume a pivotal role in safeguarding Brac Uganda Banks’s digital assets, emphasizing the preservation of confidentiality, integrity, and availability of information. This role encompasses the evaluation, analysis, and mitigation of ICT-related risks, along with the formulation and execution of robust risk management strategies and policies.

MAIN JOB RESPONSIBILITIES

• Assess and analyse the bank’s ICT systems, applications, and processes to identify vulnerabilities and potential risks.
  • Regularly review bank’s systems and banking application user rights and develop/update user right matrices.
  • Maintain criteria for assessing applications and systems to measure compliance with company policies, procedures, standards, security training programs, technical infrastructure, and development efforts against internal compliance baselines.
  • Analyse existing ICT risk management processes and recommend improvements to ensure a clear separation of operational and compliance responsibilities.
  • Collaborate with IT teams to assess and evaluate new technologies, systems, ICT projects, IT vendors and applications for potential risks and vulnerabilities.
  • Analyse database activities and user actions to detect and investigate any unauthorized or suspicious activities.
  • Review the implemented security controls and hardening measures for database systems.
• Conduct training sessions for staff, emphasizing ICT risks and mitigation measures related to operations, strategy, and compliance.
  • Develop and implement ICT risk management policies, procedures, and guidelines to ensure compliance with regulatory requirements and industry best practices.
  • Assist with assessments of vendors and business contracts for evaluation and tracking of risk changes.
  • Prepare and present detailed reports on ICT risk assessments, incidents, and mitigation strategies to senior management and stakeholders.
  • Monitor ICT activities to ensure adherence to set policies, procedures, and guidelines governing risk identification, assessment, control, and overall risk management processes.

• REQUIRED QUALIFICATIONS AND SKILLS

  • Bachelor’s degree in computer science, Software Engineering, Information Technology, Cybersecurity and Digital Forensics or Information Systems.
  • At least 1 year experience in ICT in a banking environment with ICT security.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC).

  KNOWLEDGE, SKILLS & COMPETENCIES

  • Strong understanding of information technology systems, networks, and infrastructure.
  • Proficiency in cybersecurity principles, threats, and best practices.
  • Ability to identify and assess IT related risks and vulnerabilities.
  • Understanding of relevant compliance, legal, regulatory and industry standards.
  • Analyzing data to identify trends, patterns, and anomalies that may indicate potential risks.
  • Effective communication, reporting and presentation skills.
  • Ability to respond effectively to IT security incidents and breaches

Work Hours: 8

Experience in Months: 12

Level of Education: bachelor degree

Job application procedure
Interested in applying for this job? Click here to submit your application now.

All Jobs | QUICK ALERT SUBSCRIPTION