IT Risk Officer job at I&M

The role is responsible for overseeing the embedding and implementation of risk management processes in ICT and digital transformation initiatives, conducting control testing, collaborating with the above functions to develop and implement risk management action plans, and supporting incident investigations to identify root causes and mitigations for any risks arising from such incidents.

Key Responsibilities


           Governance

  • Participate in the periodic review of ICT, Projects and Digital Business policies and procedures in liaison with the Business units to identify areas of potential improvement or weakness in risk management controls. Review of policies and procedures includes other stakeholders as required.
  • Participate in the periodic review of Risk Policies and Procedures in liaison with the other units in Risk & Compliance.
  • Monitor implementation of ICT, Projects and Digital Business policies and procedures.
  • Independent analysis and reporting of top ICT risks and their mitigations.
  • Manage immediate reports to ensure IT & Digital Risk Management objectives and KPIs are met in a timely manner.


           Risk Identification, Assessment, and Mitigation

  • Implementation of appropriate Enterprise Risk Management methodologies, Tools & Techniques
  • Support and participate in the Unit Operational Risk and Compliance Committees for Business units across the bank with the respective Risk champions.
  • Coordinating the implementation of the Risk & Control Self-Assessment (RCSA) framework across the various Business and Support units
  • Participate in embedding all new and emerging Technology and Digital risks into the business units’ registers.
  • Review and follow up on the unit’s quarterly RCSAs to identify top risks, control gaps, issues raised and track for closure.
  • Providing day-to-day support and guidance to ICT, Digital and Projects functions and other stakeholders across the Bank on the identification, assessment, measurement and reporting of enterprise and process risk.
  • Independent Digital and ICT third party risk assessments and technical due diligence.
  • IT Risk assurance: actively engaging in end-to-end risk remediation planning, resolution, and monitoring activities (patching, hardening, baseline controls for different OS and applications, application whitelisting, etc.).
  • Support and participate in designing the Bank’s Key Risk Indicators framework (KRIs)
  • Review the KRI reports from the ICT, Projects and Digital Business units and any others as assigned, and report any results outside approved tolerance limits (i.e. exceptions) for follow-up and action planning.
  • Participate and support the risk owners to define key risk metrics for IT & Digital risks within the Business and Support functions
  • Support the Implementation of the Incident management and loss data reporting framework
  • Ensure that Change and Incident management procedures are implemented and report on gaps noted for remediation
  • Follow up, track and analyze system incidents and other incidents to ensure proper identification of root cause, and follow up on the implementation of comprehensive action plans/measures by the respective business units to close loopholes.
  • Support and participate in developing Control testing checklists in the Business units as per the Control Testing procedure
  • Actively participate in carrying out independent Control Testing at Business units, to ensure that policies and procedures are effectively implemented, discuss the test results with the business teams and follow up on closures of the action plans within the agreed timelines
  • Follow up with business units to update the risk registers after control testing findings so that they reflect each unit’s control environment.
  • Support the preparation of reports for Management and Board


           Project Risk management

  • Support and participate in the control testing for all new and existing initiatives and projects being delivered and facilitate the reporting of potential risk exposures, the risk mitigations and tracking and reporting of risk remediation efforts.
  • Participate in carrying out Risk assessments for project initiatives and process reviews


         

           Training and Awareness

  • Assist in raising awareness and providing training for bank employees on Risk policies and procedures

           Audit

  • Follow up and ensure that all open issues identified by auditors are adequately closed within the agreed time frame.

Educational Requirements

  • Bachelor’s degree in computer science, Information Technology or related field
  • A relevant professional certification such as CRISC (Certified in Risk and Information Systems Control) or CISA.

Work Experience

  • Minimum of 2 to 4 years’ progressive experience in a similar role, preferably in financial institutions.

Key Required Competencies & Skills

  • Understanding of financial/banking business operations.
  • Excellent analytical, interpretive, problem-solving, communication and relationship skills.
  • Strong understanding of systems security governance, compliance, and risk management principles.
  • Strong Project Management skills.
  • Working knowledge of control and risk management concepts with the ability to evaluate digital and IT risk and control environment in liaison with business functions.
  • Understanding of IT & Digital risk management/ measurement techniques.
  • Demonstrable experience with developing/ IT and digital risk management framework, including compliance and monitoring program or related field.
  • Proven ability to work across different areas of IT risk management
  • Having experience in reviewing DPIAs and Data Risks would be an added advantage.
  • A proactive self-starter.

Behavioral Competencies

  • High ethical standards and integrity.
  • Resilience under pressure and ability to navigate crises effectively.
  • Adaptability to changing regulatory landscapes and evolving risk environments.
 
 
 

Vacancy title:
IT Risk Officer

[Type: FULL_TIME, Industry: Finance, Category: Computer & IT]

Jobs at:
I&M

Deadline of this Job:
Sunday, August 31 2025

Duty Station:
Uganda | Kampala | Uganda

Summary
Date Posted: Saturday, August 23 2025, Base Salary: Not Disclosed



 

Work Hours: 8

Experience in Months: 24

Level of Education: bachelor degree

Job application procedure

Interested in applying for this job? Click here to submit your application now

 
