Background

Finance Trust Bank was licensed as a Tier 1 Commercial Bank on 11th November 2013, taking over the financial services business of Uganda Finance Trust Limited (MDI). Today Finance Trust Bank is a fully-fledged commercial bank serving a clientele of over 500,000 depositors and over 37,000 borrowers, through a network of 34 branches country wide. The bank offers a variety of Products and services including; Savings, Current accounts, Loans, Money transfer services and Bills payments to its target market which comprises of micro, small and medium entrepreneurs, salary earners and youth.

In order to meet the needs of its growing customer base, the company is seeking to recruit dynamic, self-motivated, result-oriented professionals to fill the following position.

1. MANAGER IT RISK

This position reports directly to the Head of Risk and will be based at Head Office.

Role of the Job:

The role of the Manager IT Risk is to support the Head of Risk in the management of Information systems Technology risks. The role holder shall develop risk reports for the IT Risk Committee and Management Risk Committee detailing the direction and drivers of IT risk for remedial actions to safeguard the interests of Finance Trust Bank.

Key Result Areas:

• Conduct IT risk assessments for new and existing systems, applications, and programs to identify vulnerabilities and or security exposures and propose controls to mitigate the associated risks.
• Conduct security reviews for the Bank’s network, databases, applications and servers.
• Conduct due diligence on the Bank’s IT third party service providers and advise management on the viability and or suitability of any partnerships.
• Coordinate the review of IT related Policies, Processes, and risk tolerance limits.
• Facilitate the review of IT Risk and Control Self Assessments (RCSAs), maintain an IT Risk register and monitor Key Risk Indicators for IT.
• Provide oversight over the Disaster Recovery programme including but not limited to design, awareness, implementation and testing.
• Conduct second line assurance reviews on the Bank’s IT operations including but not limited to governance, policy, control design, general operational effectiveness, and internal controls.
• Track closure of all IT exceptions arising out of Risk, Internal Audit, External Audit, BOU reviews and any other assurance reviews.
• As a subject matter expert he/she will conduct Project risk assessments for IT projects providing clear mitigants to ensure successful and impactful IT projects.
• Monitor and track IT risk events and follow up on associated action plans to ensure full implementation of proposed actions.
• Support in investigations involving IT aspects through identification, analysis and or custody of evidence.

Minimum educational and technical competence requirements:

• A Bachelor’s degree in Information systems Technology, Computer Science, or related degree.
• Must possess at least one of the following certifications: CRISC, CISA, or other related certification.
• A minimum of 5 years banking experience, 3 of which should be in a Supervisory/ managerial position in IT Audit or IT Risk management.
• The job holder should possess excellent verbal and written communication skills.
• The role holder should demonstrate strong analytical and problem-solving skills to timely identify and deal with IT threats before risks materialize.
• Good negotiation skills and ability to positively influence others.
• The job holder should possess strong leadership skills.

Position carries an attractive salary and benefits package.

• Conduct IT risk assessments for new and existing systems, applications, and programs to identify vulnerabilities and or security exposures and propose controls to mitigate the associated risks.
• Conduct security reviews for the Bank’s network, databases, applications and servers.
• Conduct due diligence on the Bank’s IT third party service providers and advise management on the viability and or suitability of any partnerships.
• Coordinate the review of IT related Policies, Processes, and risk tolerance limits.
• Facilitate the review of IT Risk and Control Self Assessments (RCSAs), maintain an IT Risk register and monitor Key Risk Indicators for IT.
• Provide oversight over the Disaster Recovery programme including but not limited to design, awareness, implementation and testing.
• Conduct second line assurance reviews on the Bank’s IT operations including but not limited to governance, policy, control design, general operational effectiveness, and internal controls.
• Track closure of all IT exceptions arising out of Risk, Internal Audit, External Audit, BOU reviews and any other assurance reviews.
• As a subject matter expert he/she will conduct Project risk assessments for IT projects providing clear mitigants to ensure successful and impactful IT projects.
• Monitor and track IT risk events and follow up on associated action plans to ensure full implementation of proposed actions.
• Support in investigations involving IT aspects through identification, analysis and or custody of evidence.

• Excellent verbal and written communication skills.
• Strong analytical and problem-solving skills.
• Good negotiation skills.
• Ability to positively influence others.
• Strong leadership skills.

• A Bachelor’s degree in Information systems Technology, Computer Science, or related degree.
• Must possess at least one of the following certifications: CRISC, CISA, or other related certification.