Senior Specialist – ERM Technology and IT

MTN Uganda Limited is an equal opportunity employer and is seeking to recruit competent individual to fill the following Position;

Job Title: Senior Specialist – ERM Technology and IT

Reports to: Senior Manager – Enterprise Risk Manager

Division: Risk and Compliance

No. of Vacancies: 1

Main Job Functions:

1. ERM – technology/information security

• Supporting the implementation of the MTN group risk management strategy and framework as it relates to technology/information risk
• Develop, manage and implement the information security risk assurance plans
• Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
• Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions;
• Provide technical advice on products and information security controls;
• Ensure that risks envisaged in planned new systems, products & services, projects and, data migrations are flagged early, escalated as appropriate and resolved quickly.
• Evaluate and/or test solutions/systems and ensure appropriate information security and data privacy requirements and controls have been considered and incorporated into these, where necessary support the remediation of findings;
• Report information security risks in an appropriate way for different audiences;
• Manage information security investigations and incident management;
• Support for digital forensics

2. Data protection Officer for MTN Uganda

• Supporting the implementation of the MTN group data privacy Programme
• Develop, manage and implement the data privacy monitoring plan including regular assessments to ensure compliance to with the Uganda Data Protection & Privacy Act
• Maintain records of all data processing activities conducted by MTN Uganda
• Conduct staff training and awareness sessions in data protection and privacy
• Ensure that data subjects’ requests with respect to personal data (collected & processed by MTN Uganda) are fulfilled including informing data subjects about how their personal data is being used, what measures MTN Uganda has put in place to protect the data
• Serve as the point of contact between the person, institution or public body, and the Personal Data Protection Office.

Education:

• Bachelor’s degree in information technology/ systems, computer science, computer or related field with at least five years’ information technology experience, with at least two years in information security governance, risk and compliance.
• Professional risk qualification with preferably two years post-qualification experience in a complex technology and/or financial services organization e.g. CISM, CISA, CISSP
• Membership/Affiliation with Risk Management bodies e.g. ISACA is desired.

Experience:

• Experience in implementation of Enterprise Risk Management frameworks with bias in technology and information risk in line with an organization’s technical and business environment.
• Experience in developing the appropriate information security governance and compliance measures.
• Experience in information security risk and incident management, business continuity, disaster recovery, information security incident management, auditing and conducting assessments.
• Experience in assessments against international information security standards and/or best practice such as the ISO 27000 series, NIST 800 series, COBIT;
• Able to analyze large volumes of data using data analytical tools e.g. ACL or SQL
• Strong written and verbal communication skills including management reporting at both middle and top management levels.

Knowledge and Trainings:

• Corporate Governance frameworks e.g. ISO 27001, NIST, COBIT, Sarbanes Oxley, King IV, etc.
• Data Governance
• Information technology & security Risk;
• Ability to gauge and manage risk.
• Project Management abilities, including escalation of issues, analytical thinking and lateral creativity

Skills Competencies:

• Good Interpersonal skills
• Able to present and report on complex information in an innovative and informative way.
• Working under pressure to meet reporting deadlines
• Consistent demonstration of excellent written and verbal communication
• Independent attitude and team spirit.

Other Skills:

• Collaborative
• Conflict handling & Resolution
• Inquisitive skewed to research
• Integrity
• Persuasiveness

MTN Uganda Limited has the obligation to safeguard its employees through providing a working environment that is safe and without risk to the health of its employees. MTN has a Vaccination policy for all its employees to be fully vaccinated against Covid-19 in order to work from its offices and premises. Female applicants are strongly encouraged to apply.

APPLY FOR THIS JOB >>>>