Job Title: Risk Analyst (ICT)
Organisation: UGAFODE Microfinance Limited (MDI
Duty Station: Uganda
UGAFODE Microfinance Limited (MDI) is a registered financial institution in Uganda and is adherent to the Central Bank’s regulations and guidelines and was founded in 1994 to provide quality microfinance services.
Job Summary: Responsible for providing support in the development and management of the institution’s risk framework by embedding a risk culture awareness through the identification, development and monitoring of the institution’s risk framework and management of the institution’s ICT risks in line with UGAFODE (MDI) Enterprise Risk Management (ERM) standards.
Key Duties and Responsibilities:
- Draft development/review of Risk Matrix for the institution: In conjunction with Head of Risk, initiate and draft ICT areas of focus for risks by identifying, reviewing and profiling company’s new and existing ICT systems.
- Risk identification and Assessment: Using different risk identification/profiling methods like; observations, reported lapses in business and Audit findings, identify ICT risks and assess their impact likelihood to the institution and its business operations so as to mitigate it.
- Support with Risk awareness: Conduct trainings including induction training to new staff and other awareness sessions to staff and management highlighting potential ICT risks and mitigants to operations, strategy and people processes so as to embed an ICT risk management culture in the company.
- Support with risk awareness in institutional projects: Participate in the identification, assessment and management of potential risks in all institution ICT projects, investments, processes and policies by highlighting potential risks and due mitigations to avert financial or non- financial losses.
- Reports: Develop and submit reports as required arising out of IT risk identification, assessment and mitigation to support business efficiencies and further management decision making in the institution.
- Risk benchmarking: Carry out benchmarking on best practices and procedures in ICT risk identification, planning, controls to support the institution to effectively manage ICT risks.
- Ensure due compliance: Ensure adherence to set internal and external ICT policies, procedures and other guidelines governing risk identification, assessment, control and overall Risk management processes in the institution and profession.
- Identification and analysis of emerging IT risks.
- Creation and monitoring of IT key risk indicators.
Qualifications, Skills and Experience:
- BA or BS in Information Systems Technology, Computer Science, or Engineering, or equivalent experience required
- Possesses one or more of the following certifications: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other related certification.
- Minimum of 2 years’ experience in IT, IT Risk Management or IT Audit.
- Demonstrates proven success in a role that emphasizes the following: IT Risk Management, Governance and / or Technical Privacy.
- Demonstrates domain knowledge of IT infrastructure, application development / Software Development Lifecycle (SDLC) and / or information security.
- Ability to; effectively manage multiple competing priorities, demonstrate strong organizational skills, resourcefulness, good judgment, persistence and follow through, influence and “effectively challenge” others.
- Strong project management skillset.
- Detail oriented and strong communication skills.
How to Apply:
If you believe you meet the requirements as stated, submit an application letter together with an up-to-date CV to our email: firstname.lastname@example.org. Save the Documents as Your Full Name & indicate the job title you are applying for in the Email Subject Line. Your applications should be addressed to the Head of Human Resources
Deadline: 29th June 2022