Manager IT Security Governance job at DFCU Bank | Apply Now
Are you looking for Computer/IT jobs in Uganda in 2025? Then you might be interested in the Manager IT Security Governance job at DFCU Bank.
Kampala, Uganda
Full Time
About the Organisation
DFCU Bank is a leading financial institution in Uganda dedicated to transforming lives and businesses through innovative financial solutions that drive economic growth and financial inclusion. Established in 1964 as the Development Finance Company of Uganda, the bank has grown from a development finance institution into a full-fledged commercial bank, with a significant milestone being its acquisition of Crane Bank in 2017. Recognized for its strong financial performance, customer service excellence, and digital banking innovations, dfcu Bank has received multiple industry awards and remains a trusted partner for individuals, SMEs, and corporate clients.
The bank fosters a dynamic and inclusive work culture that emphasizes integrity, customer focus, innovation, teamwork, and excellence, offering employees professional growth, career advancement opportunities, and competitive benefits. With a strong presence across Uganda through an extensive network of branches, ATMs, and digital banking services, dfcu Bank continuously invests in technology to enhance accessibility and efficiency.
Committed to corporate social responsibility, the bank actively supports financial literacy programs, women empowerment initiatives, environmental sustainability efforts, and youth entrepreneurship. Headquartered at 26 Kyadondo Road, Kampala, Uganda, dfcu Bank remains a key driver of financial empowerment and economic development in the country. For more information
DFCU Bank is a fast growing commercial bank offering a variety of innovative products and services. DFCU Limited was started by the Commonwealth Development Corporation (CDC) of the United Kingdom and the Government of Uganda through the Uganda Development Corporation (UDC) under the name of Development Finance Company of Uganda Limited. Later restructuring brought in DEG (of Germany) and International Finance Corporation (IFC) as equal partners with CDC and UDC, each having a 25% stake in the company. Its objective was to support long-term development projects whose financing needs and risk did not appeal to the then existing financial commercial lending institutions.
Job Description
Job Title: Manager IT Security Governance
Organisation: DFCU Bank
Duty Station: Kampala, Uganda
Reporting to the Head Information and Cybersecurity, the role holder will be responsible for developing, implementing, and overseeing security policies, frameworks, and strategies to ensure compliance with regulations, alignment with business objectives, and effective risk management across the organization.
Duties, Roles and Responsibilities
Security Policy Development and Management:
Develop, implement, and maintain security policies, standards, and guidelines.
Ensure policies align with bank goals, industry standards, and regulatory requirements (e.g., ISO 27001, NIST).
Periodically review and update policies to address evolving risks and technologies.
Risk Management:
Lead department risk assessment process in line with ISO 27001.
Test the controls identified within the department RCSA and remediate the gaps identified.
Develop and oversee risk treatment plans to mitigate identified vulnerabilities.
Facilitate regular risk assessments and track the resolution of high-priority risks.
Regulatory Compliance:
Ensure the bank complies with legal, regulatory, and contractual obligations related to information security. This includes ensuring quarterly reporting to Bank of Uganda as per the Bank of Uganda Guidelines on Cyber and Technology Risk 2024.
Act as a liaison during audits or assessments and ensure audit findings are addressed in a timely manner. This involves working with other team members to resolve audit issues promptly and effectively to avoid repeat issues.
Monitor changes in relevant regulations and update governance practices accordingly.
Security Framework Implementation:
Implement and manage security frameworks such as ISO 27001, COBIT, NIST CSF, or others as appropriate.
Establish and maintain an Information Security Management System (ISMS) for structured governance.
Metrics and Reporting:
Automate the information security reporting dashboard and manage its updates.
Provide regular reports to executive management and the board on the organization’s security posture, risks, and compliance status.
Governance Committees and Stakeholder Engagement:
Participate in security governance committees, ensuring cross-functional alignment on security goals.
Develop and enforce third-party security agreements and ensure they align with organizational risk tolerance.
Incident and Crisis Management Oversight:
Provide governance support during security incidents by ensuring the incident response process aligns with policies and compliance requirements.
Ensure lessons learned from incidents are integrated into governance improvements.
Training and Awareness Programs:
Establish and oversee security awareness programs to educate employees and customers on security policies, risks, and best practices.
Continuous Improvement:
Develop and refine the organization’s long-term information security strategy.
Stay informed about emerging threats, technologies, and governance trends to adapt practices proactively.
Benchmark the bank’s information security program against industry best practices.

Qualifications, Education and Competencies
Minimum: Bachelor’s degree in Computer Science, Information Technology, or a related field.
Preferred: Master’s degree specializing in Digital Security.
Certifications: CISSP, CISM, CEH, CISA, CRISC, or ISO 27001 Lead Implementer or Lead Auditor equivalent.
Experience: At least 6 years, with a minimum of 3 years in information security within a bank/financial services environment.
Information security framework implementation and audit knowledge. For example, ISO 27001 framework.
PCI DSS standard implementation knowledge.
System Security Assessments
Team leadership skills and stakeholder management
Strategic & Analytical thinking
Communication skills.
How to Apply
If you believe you meet the requirements as noted above, please forward your application with a detailed CV including present position and copies of relevant professional/academic certificates, to the email address indicated below:
Kindly copy your respective HCBP in the process of sending through your applications.
Deadline: 09th April 2025.