Data Protection Officer

The National Information Technology Authority-Uganda (NITA-U) was established as a statutory body under the National Information Technology Authority, Uganda Act, 2009, as one of the key players in the Information and Communications Technology Sector. It’s mandated to coordinate, promote, and monitor IT development within the context of national social and economic development, with a vision of “Lives transformed through e-service delivery”.

APPOINTMENTS

Applications are invited from suitably qualified Ugandans with a dream of building their professional careers in a dynamic and fast-growing sector. The successful candidates will fill the positions of;

Internal Auditor

EMPLOYMENT TERMS

As a responsible and equal-opportunity employer, NITA-U is committed to providing competitive employment terms to successful candidates with the right qualifications, skills, competencies, and experiences. The job specifications, descriptions, and other details are found on the NITA-U official website (www.nita.go.ug)

APPLICATION PROCESS

Interested applicants who meet the job requirements/specifications and with the right personal attributes are invited to complete and submit their application form (which can be downloaded from the NITA-U official website https://www.nita.go.ug/job-applications/job-application-form), with a cover letter, supported by curriculum vitae, copies of certificates and testimonials, and must specify day time telephone contact, postal and email addresses of both the applicant and three referees, to the address below.

The Executive Director,

National Information Technology

Authority – UGANDA (NITA-U),

Palm Courts, Plot 7A, Rotary Avenue (former Lugogo bypass)

P.O. Box 33151, Kampala-Uganda

Tel: 0417 801 038

Via email: hr@nita.go.ug

The deadline for applications for the positions is 29^th May 2026 (Not later than 1700 hrs. Local Time). Only Soft copy applications will be accepted, and no application will be considered without a duly completed and signed standard application form (referred to above).

FEEDBACK

Only successful candidates will be contacted. Any form of solicitation, influence peddling, or any other “backdoor” attempt, of whatsoever nature, to influence the selection process in one’s favour, will automatically lead to the disqualification of a candidate without any recourse.

6. Privacy Notice

Your privacy matters to us. NITA–U will use the information you provide only to process your job application, keep it secure, and retain it for no longer than necessary. You can ask to access, correct, or erase your data at any time by writing to hr@nita.go.ug. See the full privacy notice on our website at https://www.nita.go.ug/data-protection-privacy-notice

Directorate: Personal Data Protection Office (PDPO)
Department: Compliance and Investigations
Reports to: Manager Compliance and Investigations
Salary Grade: N4

Job Purpose

Primary Purpose

The Data Protection Officer will be responsible for providing assurance that data controllers and processors subject to the Data Protection and Privacy Act, Cap 97, and its Regulations have implemented effective technical and organizational measures to safeguard personal data.

Key Accountabilities

Carry out activities to monitor compliance and report on the observance of the right to privacy of a person and of personal data.
Guide audited entities on closing gaps and embedding privacy-by-design principles.
Contribute to compliance clinics, awareness, and capacity-building sessions.
Participate in investigations, on-site inspections, and evidence-gathering activities to ensure proportionate regulatory action.
Represent PDPO at sector working groups, and standard-setting forums, and gather input to refine PDPO’s audit and inspection manual.
Perform any other responsibilities as may be assigned.

Qualifications and Experience

Education

A Bachelor of Information Technology, Computer Science degree, or related area from a recognized university is required.
CISA or CISM is a requirement.
An internationally recognized Data Protection and Privacy certification is an added advantage.

Experience

A minimum of four (4) years of working experience in a compliance, risk, or auditing role in a reputable public or private organization.

Technical Expertise

Knowledgeable about Cyber and Data Protection and Privacy laws.
Familiarity with audit management tools and data analytics techniques.
Working understanding of Information Security controls.

Nature and Scope

Able to prioritize and coordinate work streams/projects to drive the delivery of tasks.
A resilient team player with a ‘can do’ attitude, who is willing to take responsibility, lead, and work with others to create breakthrough solutions to complex problems.
Excellent interpersonal and communication skills (both oral and written).