Chief Information Security Officer Careers – Cairo Bank Uganda

Job Title:   Chief Information Security Officer

Organisation: Cairo Bank Uganda

Duty Station: Kampala, Uganda

Reports to: Managing Director

 

About the Company:

Cairo Bank Uganda was incorporated on 11th July, 1994. The Bank was formerly known as Cairo International Bank, owned by the three leading Egyptian banks, namely Banque Du Caire, Bank Misr and National Bank of Egypt. In 2019, it became a fully owned subsidiary of Banque Du Caire (BDC). The shareholder consolidation in 2019 was on the back of expanding its presence across Africa whilst providing an entry point into the COMESA market.

 

Job Summary: To safeguard the organization’s information by developing, implementing, and maintaining comprehensive cyber security strategies that promote confidentiality and integrity of information, cyber security awareness, and compliance with regulations and industry standards; to ensure that the Bank is protected from cyber security incidents and breaches; and to prevent future occurrences.

 

Key Duties and Responsibilities:

  • Develop and implement the Bank’s cybersecurity program and enforce the cyber and technology policy.
  • Maintain the Bank’s current enterprise-wide knowledge base of its users, devices, applications, software licenses and their relationships.
  • Ensure that information systems meet the needs of the Bank, and the ICT strategy, in particular information system development strategies, comply with the overall business strategies, risk appetite and ICT risk management policies of the Bank.
  • Design cybersecurity controls with the consideration of users at all levels of the Bank, including internal (i.e. management and staff) and external users (i.e. contractors/consultants, business partners and service providers).
  • Organize professional cyber-related training to improve the technical proficiency of staff.
  • Conduct regular and comprehensive cyber risk assessments.
  • Develop adequate processes for monitoring IT systems to detect cyber and technology events and incidents in a timely manner.
  • Review and assess risks associated with exceptions/deviations to the approved cyber and technology policies and procedures and gain senior management approval for risk assessments.
  • Periodically review the approved exceptions/deviations to ensure the residual risks remain at an acceptable level.
  • Submit periodic reports to the CEO on: detailed exceptions to the approved cyber and technology policies and procedures; assessment of the effectiveness of the approved cybersecurity program; all material cyber and technology events that affected the Bank during the period; and assessment of the confidentiality, integrity and availability of the information systems in the institutions.
  • Timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
  • Incorporate the utilization of scenario analysis to consider a material cyber-attack, mitigating actions, and identify potential control gaps.
  • Establish and maintain a robust security governance framework that aligns with regulatory requirements, industry standards, and best practices.
  • Identify and assess security risks, vulnerabilities, and threats, and develop appropriate risk mitigation strategies.
  • Engage with external partners, vendors, and industry peers to stay abreast of the latest security trends, technologies, and threats.
  • Develop and implement a comprehensive security awareness program to educate bank employees on the principles of Zero Trust and their roles in maintaining a secure environment.
  • Conduct regular security training sessions and workshops to enhance the security awareness and knowledge of employees across the organization.
  • Oversee the design, implementation, and operation of security controls and technologies to protect the bank’s infrastructure, applications, and data.
  • Develop and maintain an incident response plan, ensuring the organization’s readiness to detect, respond, and recover from security incidents.
  • Conduct regular security assessments, penetration testing, and vulnerability scanning to identify potential weaknesses and recommend remediation measures.
  • Ensure frequent data backups of critical IT systems (e.g. real time back up of changes made to critical data) are carried out to a separate storage location.
  • Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented and communicated to relevant staff.
  • Continuously test disaster recovery and Business Continuity Plan (BCP) arrangements to ensure that the institution can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
  • Safeguard the confidentiality, integrity and availability of information.




Qualifications, Skills and Experience:

Education.

  • The applicant must hold a bachelor’s degree in Computer Science, Information Security, or a related field. A master’s degree is preferred.
  • Have a relevant industry-recognised certification such as CISSP, CIPP/E, CISM, CRISC or CISA.

Experience.

  • A minimum of 8 years’ experience in Information Security, including hands-on experience in designing and implementing security solutions in a complex environment, with 5 years at management level, preferably in a supervised financial institution.
  • Proven experience in leading and managing security operations, incident response, and risk management teams.
  • Experience in the financial industry or a similarly regulated environment is highly desirable.
  • Strong understanding of Zero Trust Architecture principles, concepts, and implementation strategies.
  • Familiarity with cloud security, network security, identity and access management, encryption technologies, and secure coding practices.
  • Experience with security tools such as SIEM, DLP, IDS/IPS, and vulnerability management systems.
  • In-depth knowledge of cybersecurity principles, frameworks, and standards (e.g., NIST, ISO 27001, etc.).

Skills and competencies.

  • Leadership and Team building
  • Interpersonal skills
  • Negotiation skills
  • Proactive and decisive

 

How to Apply:

Interested candidates should send their application letters together with their curriculum vitae to the Head of Human Resources at recruitment@cbu.co.ug.

 

Deadline: 20th January 2025 by 5pm

 


 

Date Posted 2025-01-11T08:17
Valid Through 2025-01-20T17:00
Employment Type FULL_TIME
Hiring Organization Cairo Bank Uganda
Job Location Kampala, Kampala, Kampala , 0256, Uganda
