 |
| Cairo bank Uganda |
Chief Information Security Officer Post
Location: Jobs in Uganda 2025 - 2026
Work Hours: Full-time, 08 hours per day
Salary:
UGX
No. of vacancies: 01
Deadline: January 20 2025
Hiring Organization: Cairo bank Uganda
Job Details:
Job Purpose:To
safeguard the organization’s information by developing, implementing, and
maintaining a comprehensive Cyber security strategies to promote
confidentiality and integrity of information, cyber security awareness and
compliance, compliance with regulations, and industry standards, and to ensure
that the Bank is protected from Cyber security incidents and breaches, and
prevent future occurrences,
Reports to: Managing Director
Department: Cyber Security Department
Key Responsibilities:
- Develop and Implement the
Bank’s cybersecurity program and enforce the cyber and technology policy.
- Maintains the Banks current
enterprise-wide knowledge base of its users, devices, applications,
software licenses and their relationships.
- Ensure that information systems
meet the needs of the Bank, and the ICT strategy, in particular
information system development strategies, comply with the overall
business strategies, risk appetite and ICT risk management policies of the
Bank.
- Design cybersecurity controls
with the consideration of users at all levels of the Bank, including
internal (i.e. management and staff) and external users (i.e.
contractors/consultants, business partners and service providers).
- Organize professional cyber
related trainings to improve technical proficiency of staff.
- Conduct regular and
comprehensive cyber risk assessments.
- Develop adequate processes for
monitoring IT systems to detect cyber and technology events and incidents
in a timely manner.
- Review and assess risks
associated with exceptions/deviations to the approved cyber and technology
policies and procedures and gain senior management approval for risk
assessments.
- Periodically review the
approved exceptions/deviations to ensure the residual risks remain at an
acceptable level.
- Submit periodic reports to the
CEO on, detailed exceptions to the approved cyber and technology policies
and procedures, Assessment of the effectiveness of the approved
cybersecurity program, all material cyber and technology events that
affected the Bank during the period, and assessment of the
confidentiality, integrity and availability of the information systems in
the institutions.
- Timely update of the incident
response mechanism and Business Continuity Plan (BCP) based on the latest
cyber threat intelligence gathered.
- Incorporate the utilization of
scenario analysis to consider a material cyber-attack, mitigating actions,
and identify potential control gaps.
- Establish and maintain a robust
security governance framework that aligns with regulatory requirements,
industry standards, and best practices.
- Identify and assess security
risks, vulnerabilities, and threats, and develop appropriate risk
mitigation strategies
- Engage with external partners,
vendors, and industry peers to stay abreast of the latest security trends,
technologies, and threats.
- Develop and implement a
comprehensive security awareness program to educate bank employees on the
principles of Zero Trust and their roles in maintaining a secure
environment.
- Conduct regular security
training sessions and workshops to enhance the security awareness and
knowledge of employees across the organization.
- Oversee the design,
implementation, and operation of security controls and technologies to
protect the bank’s infrastructure, applications, and data.
- Develop and maintain an
incident response plan, ensuring the organization’s readiness to detect,
respond, and recover from security incidents.
- Conduct regular security
assessments, penetration testing, and vulnerability scanning to identify
potential weaknesses and recommend remediation measures.
- Ensure frequent data backups of
critical IT systems (e.g. real time back up of changes made to critical
data) are carried out to a separate storage location.
- Ensure the roles and
responsibilities of managing cyber risks, including in emergency or crisis
decision-making, are clearly defined, documented and communicated to
relevant staff.
- Continuously test disaster
recovery and Business Continuity Plans (BCP) arrangements to ensure that
the institution can continue to function and meet its regulatory
obligations in the event of an unforeseen attack through cyber-crime.
- Safeguarding the
confidentiality, integrity and availability of information.
Education.
The applicant must hold a bachelor’s degree in computer science, Information
Security, or a related field. A master’s degree is preferred.
Have a relevant industry recognised certification such as; CISSP, CIPP/E, CISM,
CRISC or CISA.
Experience.
- A minimum of 8 years’
experience in Information Security including hands-on experience in
designing and implementing security solutions in a complex environment
with 5 yrs at management, level preferably in a supervised financial
institution.
- Proven experience in leading
and managing security operations, incident response, and risk management
teams.
- Experience in the financial
industry or a similarly regulated environment is highly desirable.
- Strong understanding of Zero
Trust Architecture principles, concepts, and implementation strategies.
- Familiarity with cloud
security, network security, identity and access management, encryption
technologies, and secure coding practices.
- Familiarity with cloud
security, network security, identity and access management, encryption
technologies, and secure coding practices.
- Experience with security tools
such as SIEM, DLP, IDS/IPS, and vulnerability management systems
- In-depth knowledge of
cybersecurity principles, frameworks, and standards (e.g., NIST, ISO
27001, etc.)
Skills and competencies.
- Leadership and Team building
- Interpersonal skills
- Negotiation skills
- Proactive and decisive
Application procedure
Interested
candidates should send their application letters together with their curriculum
vitae to the Head Human Resources at recruitment@cbu.co.ug not
later than 5pm, Monday 20th January, 2025.
Date Posted: 2025-01-11
MORE JOBS IN UGANDA HERE
NEVER MISS OUT ON A JOB ALERT, CLICK HERE TO JOIN JOB SPACE UGANDA WHATSAPP GROUP TODAY
0 Comments