in , ,

Senior Specialist – ERM Technology and IT

MTN Uganda Limited is an equal opportunity employer and is seeking to recruit competent individual to fill the following Position;


Job Title: Senior Specialist – ERM Technology and IT

Reports to: Senior Manager – Enterprise Risk Manager

Division: Risk and Compliance

No. of Vacancies: 1


Main Job Functions:


1. ERM – technology/information security

  • Supporting the implementation of the MTN group risk management strategy and framework as it relates to technology/information risk
  • Develop, manage and implement the information security risk assurance plans
  • Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
  • Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions;
  • Provide technical advice on products and information security controls;
  • Ensure that risks envisaged in planned new systems, products & services, projects and, data migrations are flagged early, escalated as appropriate and resolved quickly.
  • Evaluate and/or test solutions/systems and ensure appropriate information security and data privacy requirements and controls have been considered and incorporated into these, where necessary support the remediation of findings;
  • Report information security risks in an appropriate way for different audiences;
  • Manage information security investigations and incident management;
  • Support for digital forensics


2. Data protection Officer for MTN Uganda

  • Supporting the implementation of the MTN group data privacy Programme
  • Develop, manage and implement the data privacy monitoring plan including regular assessments to ensure compliance to with the Uganda Data Protection & Privacy Act
  • Maintain records of all data processing activities conducted by MTN Uganda
  • Conduct staff training and awareness sessions in data protection and privacy
  • Ensure that data subjects’ requests with respect to personal data (collected & processed by MTN Uganda) are fulfilled including informing data subjects about how their personal data is being used, what measures MTN Uganda has put in place to protect the data
  • Serve as the point of contact between the person, institution or public body, and the Personal Data Protection Office.



  • Bachelor’s degree in information technology/ systems, computer science, computer or related field with at least five years’ information technology experience, with at least two years in information security governance, risk and compliance.
  • Professional risk qualification with preferably two years post-qualification experience in a complex technology and/or financial services organization e.g. CISM, CISA, CISSP
  • Membership/Affiliation with Risk Management bodies e.g. ISACA is desired.


  • Experience in implementation of Enterprise Risk Management frameworks with bias in technology and information risk in line with an organization’s technical and business environment.
  • Experience in developing the appropriate information security governance and compliance measures.
  • Experience in information security risk and incident management, business continuity, disaster recovery, information security incident management, auditing and conducting assessments.
  • Experience in assessments against international information security standards and/or best practice such as the ISO 27000 series, NIST 800 series, COBIT;
  • Able to analyze large volumes of data using data analytical tools e.g. ACL or SQL
  • Strong written and verbal communication skills including management reporting at both middle and top management levels.

Knowledge and Trainings:

  • Corporate Governance frameworks e.g. ISO 27001, NIST, COBIT, Sarbanes Oxley, King IV, etc.
  • Data Governance
  • Information technology & security Risk;
  • Ability to gauge and manage risk.
  • Project Management abilities, including escalation of issues, analytical thinking and lateral creativity

Skills Competencies:

  • Good Interpersonal skills
  • Able to present and report on complex information in an innovative and informative way.
  • Working under pressure to meet reporting deadlines
  • Consistent demonstration of excellent written and verbal communication
  • Independent attitude and team spirit.

Other Skills:


  • Collaborative
  • Conflict handling & Resolution
  • Inquisitive skewed to research
  • Integrity
  • Persuasiveness

MTN Uganda Limited has the obligation to safeguard its employees through providing a working environment that is safe and without risk to the health of its employees. MTN has a Vaccination policy for all its employees to be fully vaccinated against Covid-19 in order to work from its offices and premises. Female applicants are strongly encouraged to apply.


Get Notifications Faster by:
(Visited 29 times, 1 visits today)

Manager – Enterprise Applications

Research, Monitoring, and Evaluation Specialist Job Vacancy – John Hopkins Center for Communication programs (CCP)