Information Risk Management (IRM) – Apprentice

Description
ABSA Bank Uganda is hiring an Information Risk Management (IRM) – Apprentice to support the Information Risk Management function in protecting Absa Bank Uganda’s information assets by assisting in the implementation, monitoring, and enforcement of controls across Records Management, Data Privacy, and Logical Access Management.

The role aims to build foundational expertise in managing information risk, ensuring compliance with regulatory requirements, and promoting a strong risk-aware culture within the bank.

The apprentice will contribute to maintaining confidentiality, integrity, and availability of information while gaining hands-on experience in banking risk management frameworks, governance processes, and control environments.

Key Duties and Responsibilities:

Logical Access Management

Outputs:

Assist in the timely and accurate provisioning of system access based on approved requests.
Support periodic user access reviews (UAR) across critical banking systems.
Assist business owners in validating appropriate access rights.
Track, document, and follow up on access review exceptions and remediation actions.
Maintain evidence of completed recertification exercises for audit purposes.
Assist in identifying and flagging potential segregation of duties conflicts
Assist in monitoring and controlling privileged (high-risk) accounts.
Ensure privileged access is granted only with appropriate approvals and justification.
Support periodic review of administrator and super-user accounts
Ensure access management activities comply with Absa Group policies and regulatory requirements.
Assist in identifying control gaps and recommending improvements.
Support initiatives to improve automation and efficiency in access management processes
Contribute to enhancing control effectiveness and operational resilience.
Data Privacy

Outputs:

Assist in ensuring compliance with the Uganda Data Protection and Privacy Act, 2019, Bank of Uganda guidelines, and Absa Group policies.
Support implementation of data privacy frameworks, standards, and controls across business units.
Support implementation of data privacy principles and controls across business units.
Assist in maintaining the Record of Processing Activities (RoPA).
Participating in Data Protection Impact Assessments (DPIAs).
Support handling of data subject rights requests (access, correction, deletion).
Assist in tracking and reporting data breaches and privacy incidents.
Monitor compliance of third-party data processors with privacy requirements.
Records Management

Outputs:

Assist in implementing and maintaining compliance with records management policies, standards, and procedures.
Maintain and update records inventories and classification registers.
Support implementation of records retention and disposal schedules.
Assist in ensuring secure storage, archival, retrieval, and destruction of records.
Participate in records management audits and compliance reviews.
Support awareness initiatives to promote proper records handling practices
Continuous Learning & Improvement

Actively develop knowledge in information security, data privacy, and risk management.
Stay informed about emerging risks, regulatory changes, and industry best practices.
Contribute to process improvements and efficiency initiatives within the IRM function.
Key Success Measures / Key Performance Indicators

Accuracy and timeliness of access user management
Reduction in unauthorized or excessive access risk
Timely and accurate handling of data subject requests
Accuracy and completeness of records inventories
Compliance with retention and disposal requirements
Efficiency in records retrieval and archival processes
Reduction in records-related audit findings
 

Qualifications, Skills and Experience:

Bachelor’s degree in: Information Technology, Information & Cyber Security, Records & Archives Management or related field.
Knowledge of a variety of software, hardware and operating systems
Knowledge of data protection laws in Uganda is an added advantage
Degree Classification:

First Class or Second-Class Upper

O’Level Results:

Credit or higher in both Mathematics and English
A’Level Results:

At least two principal passes
Year of graduation:

Should have graduated between 2024 to 2026
Technical Skills & Competencies

Preferred

Detailed Basic understanding of: Information Security & Risk Management principles, Data Protection and Privacy laws, IT access controls and identity management
Familiarity with: Microsoft Office (Excel, Word, PowerPoint), Document/records management systems, Access management tools (entry-level exposure)
High level of integrity and confidentiality
Strong attention to detail
Good analytical and problem-solving skills
Effective communication and interpersonal skills
Willingness to learn and adapt in a regulated environment
 

How to Apply:

All suitably qualified and Interested applicants should apply online at the link below.

https://absa.wd3.myworkdayjobs.com/ABSAcareersite/job/Kampala/Apprentice—Information-Risk-Management–IRM-_R-15987815

NB: Only shortlisted candidates will be contacted.