ICT Risk Officer at BRAC Uganda Bank

--Powermax General Electrical Merchants Ltd--

Job Description

The IT Risk Officer will assume a pivotal role in safeguarding BRAC Uganda Bank’s digital assets, emphasizing the preservation of confidentiality, integrity, and availability of information. This role encompasses the evaluation, analysis, and mitigation of ICT-related risks, along with the formulation and execution of robust risk management strategies and policies.

Job Industry

ICT / Computer, Data, Business Analysis and AI

Job Salary Fixed

No

Key Deliverables

  • Assess and analyse the bank’s ICT systems, applications, and processes to identify vulnerabilities and potential risks.
  • Regularly review the bank’s systems and banking application user rights and develop/update user rights matrices.
  • Maintain criteria for assessing applications and systems to measure compliance with company policies, procedures, standards, security training programs, technical infrastructure, and development efforts against internal compliance baselines.
  • Analyse existing ICT risk management processes and recommend improvements to ensure a clear separation of operational and compliance responsibilities.
  • Collaborate with IT teams to assess and evaluate new technologies, systems, ICT projects, IT vendors and applications for potential risks and vulnerabilities.
  • Analyse database activities and user actions to detect and investigate any unauthorized or suspicious activities.
  • Review the implemented security controls and hardening measures for database systems.
  • Conduct training sessions for staff, emphasizing ICT risks and mitigation measures related to operations, strategy, and compliance.
  • Develop and implement ICT risk management policies, procedures, and guidelines to ensure compliance with regulatory requirements and industry best practices.
  • Assist with assessments of vendors and business contracts for evaluation and tracking of risk changes.
  • Prepare and present detailed reports on ICT risk assessments, incidents, and mitigation strategies to senior management and stakeholders.
  • Monitor ICT activities to ensure adherence to set policies, procedures, and guidelines governing risk identification, assessment, control, and overall risk management processes.

Essential Qualities

  • Bachelor’s degree in Computer Science, Software Engineering, Information Technology, Cybersecurity and Digital Forensics or Information Systems.
  • At least 1 year of experience in ICT in a banking environment with ICT security.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC).
  • Strong understanding of information technology systems, networks, and infrastructure.
  • Proficiency in cybersecurity principles, threats, and best practices.
  • Ability to identify and assess IT-related risks and vulnerabilities.
  • Understanding of relevant compliance, legal, regulatory and industry standards.
  • Ability to analyse data to identify trends, patterns, and anomalies that may indicate potential risks.
  • Effective communication, reporting and presentation skills.
  • Ability to respond effectively to IT security incidents and breaches.


Application Process

Close Date

15/11/2025