Related Jobs
%20(1).jpg)
.jpg)
.jpeg)
Related Jobs
Related Jobs
Share this Job
Manager – Information Risk job at DFCU Bank | Apply Now
Are you looking for Bank jobs in Uganda 2025 today? then you might be interested in Manager – Information Risk job at DFCU Bank
About the Organisation
DFCU Bank is a leading financial institution in Uganda dedicated to transforming lives and businesses through innovative financial solutions that drive economic growth and financial inclusion. Established in 1964 as the Development Finance Company of Uganda, the bank has grown from a development finance institution into a full-fledged commercial bank, with a significant milestone being its acquisition of Crane Bank in 2017. Recognized for its strong financial performance, customer service excellence, and digital banking innovations, dfcu Bank has received multiple industry awards and remains a trusted partner for individuals, SMEs, and corporate clients.
The bank fosters a dynamic and inclusive work culture that emphasizes integrity, customer focus, innovation, teamwork, and excellence, offering employees professional growth, career advancement opportunities, and competitive benefits. With a strong presence across Uganda through an extensive network of branches, ATMs, and digital banking services, dfcu Bank continuously invests in technology to enhance accessibility and efficiency.
Committed to corporate social responsibility, the bank actively supports financial literacy programs, women empowerment initiatives, environmental sustainability efforts, and youth entrepreneurship. Headquartered at 26 Kyadondo Road, Kampala, Uganda, dfcu Bank remains a key driver of financial empowerment and economic development in the country. For more information
Kampala, Uganda
Full Time
Job Title
Manager – Information Risk job at DFCU Bank
DFCU Bank
Job Description
Job Title: Manager – Information Risk
Organisation: DFCU Bank
Duty Station: Kampala, Uganda
Job Summary:
Reporting to the Head- Information Risk Management, the role holder is responsible for Supporting the Head of Information Risk Management in overseeing and managing cyber, technology, and information risks (including digital and paper-based records) within the enterprise risk management portfolio, assisting in the identification, assessment, mitigation, and monitoring of information-related risks across the information lifecycle (creation, processing, storage, transmission, and disposal), and Contributing to the implementation of information risk pillars—such as Technology Enablement and Cyber Control, People Risk and Awareness Culture, Operational Resilience, Third-Party Information Oversight, and Metrics & Board Reporting and support project management review.
Duties, Roles and Responsibilities
Support the execution of the approved information risk management strategy.
Monitor the effectiveness of controls and recommend updates based on evolving threats and incidents.
Participate in digital transformation initiatives by identifying risks to emerging technologies and supporting the integration of security controls.
Conduct risk assessments for information assets (digital and paper-based), identifying threats, vulnerabilities, and evaluating existing controls across the enterprise.
Assist in quantifying inherent and residual risks and recommending risk treatment plans.
Support the assessment and review of risks related to changes in information systems, processes, and assets.
Ensure compliance with security policies during change processes.
Advise on the implementation of changes in the bank.
Review and assess information risk aspects of key projects and initiatives across the organization.
Participate in project steering committees or working groups as required, providing risk insights and recommendations.
Monitor project risk registers and ensure that information risk controls are embedded in project plans and delivery.
Track and report on the status of risk mitigation actions within projects, escalating unresolved issues to the Head of Information Risk Management.
Assist in assessing risks for alignment with the institution’s risk appetite and in preparing recommendations for capital allocation as part of ICAAP.
Monitor current and emerging risks, and changes in laws, regulations, and standards.
Prepare risk reports, key risk indicators (KRIs), and compliance maturity updates for review by the Head of Information Risk Management.
Maintain and update risk registers for cyber, technology, and information risks.
Support the maintenance of a comprehensive inventory of information assets and conduct business impact analyses.
Collaborate with the CTDO, CISO, and business technology teams to design and implement controls for safeguarding information assets.
Support third-party risk assessments and vendor compliance reviews.
Support the design of Enterprise-wide information risk controls.
Advise on the design and architecture of the bank’s implementations.
Assist in ensuring compliance with relevant laws, regulations, and standards (e.g., ISO/IEC 27001, PCI DSS, SWIFT).
Support the preparation of risk related regulatory reports and compliance monitoring.
Support the inclusion of information assets in business impact analyses and disaster recovery planning.
Assist in incident response and post-incident reviews for breaches involving information assets.
Participate in employee awareness campaigns and training to promote secure behaviour and reduce insider threats.
Support customer awareness initiatives on information security best practices.
Coordinate with other risk and assurance functions (e.g., Compliance, Operational Risk, Internal Audit) as required.
Maintain documentation of all oversight, challenge, and assurance activities performed.
SERVICES
COMMERCIAL
SERVICES
INDUSTRIAL
SERVICES
RESIDENTIAL
Qualifications, Education and Competencies
Bachelor’s Degree in Information Technology, Cybersecurity, Risk Management, or a related field. Master’s degree are highly desirable.
Knowledge of data analysis, data modelling and validation tools.
Experience in management reporting on Information Risk Management through effective documentation, data analysis, reporting, and communication of risk assessments and mitigation strategies.
Minimum of 5 years’ experience in information risk management or a related field, preferably in the financial services sector.
Strong analytical, communication, and interpersonal skills.
Experience in project management or project risk review is highly desirable.
Familiarity with the financial regulatory system and risk management frameworks.
Professional certifications such as CISM, CRISC, CISSP, or ISO 27001 Lead Auditor are an advantage.
Attention to detail, integrity, and high standards.
Ability to work independently and as part of a team.
Strong initiative and willingness to take responsibility.
Ability to work under pressure and engage with stakeholders at various levels.
How to Apply
If you believe you meet the requirements as noted above, please forward your application to the APPLY Button below:
Deadline: 15th October 2025
NB: Only short-listed candidates will be contacted.
