Qualifications

• Bachelor’s degree in- Legal; Information Technology; Computer Science, Cyber Security
  
• A relevant recognised data privacy related or information security certification e.g. Certified Information Privacy Manager (CIPM); CIPP/E; CIPP/US; Certified Data Privacy Solutions Engineer (CDPSE); Certified Information Systems Security Professional (CISSP)
  
• 3 years’ experience in a relevant field with at least 1–2 years in data privacy, data governance, compliance, or cybersecurity.
  
• Familiarity with data protection laws (e.g., Uganda’s Data Protection and Privacy Act, GDPR). IT systems, data architecture and cybersecurity principles.
  
• Ability to assess complex data flows, identify risks, and evaluate control effectiveness. Experience in risk identification, control evaluation and compliance monitoring
  

• Support and aid the Data Protection Officer discharge accountability for the bank’s compliance with applicable data protection laws and regulations.
  
• Conduct regular monitoring to identify any potential areas of non-compliance and recommend solutions to ensure that the bank complies with the requirements of the act and regulation(s).
  
• Provide advisory to decision-makers and raise concerns with management on all strategic and high-risk issues to ensure these matters are dealt with timeously and as per the standards set out in the Risk Management Framework.
  
• Serve as a point of contact within the bank for staff members, customers, third parties, the regulator, Personal Data Protection Office (PDPO), and relevant public authorities on matters related to Data Protection and privacy.
  
• Collaborate with compliance to inform Country Executives, relevant Centre of Excellence (CoE) Heads, about data protection regulatory inspections and act as a conduit for any information requests, responses, and findings