Job Title: IT Risk Analyst
Organisation: KCB Bank Uganda
Duty Station: Kampala, Uganda
About Organisation:
KCB Bank Uganda Limited which is part of KCB Group, East Africa’s largest commercial bank that was established in 1896. Over the years, the Bank has grown and spread its wings into Tanzania, South Sudan, Uganda, Rwanda and Burundi completing the East African circuit in the year 2012. Today, the Group has the largest branch network in the region with over 238 branches, 950 ATMs and 8,000 agents offering banking services on a 24/7 basis in East Africa. KCB Bank Uganda was established in the year 2007 and has grown to become one of Uganda’s top ten commercial banks.
Key Duties and Responsibilities:
Execute, Review and Deepen the use of Risk Management Tools:
- Conduct proactive systems reviews/assessments/data analysis to identify possible vulnerabilities for timely corrective action.
- Conduct risk assessments prior, during and after the implementation of bank strategic/business initiatives which includes tracking/monitoring the implementation of bank projects/business initiatives, active participation in implementation of bank IT projects and data analytics on performance of the same to inform business decisions.
- Scan the Market/Industry and obtain information related to cyber/system risk and preparing a monthly report for sharing with management.
- Track/monitor usage of risk tools (e.g. RCSAs, Risk Registers, KRIs Etc) within the Information Technology Department plus submission of the same to Risk Management Department within stipulated timeframes and conducting assurance reviews where appropriate and communicating test results to appropriate stakeholders.
- Driving/developing, managing and maintaining the bank’s incident management process and system plus associated procedures by ensuring that all units follow the incident management process for cyber/technology related incident.
- Participate in the implementation of the bank’s Business Continuity Management Programme in line with the bank’s Business Continuity Management Policy.
- Participate in the development, review and monitoring of compliance to Bank Policies and Procedures.
- Review of Information Systems audit reports and tracking implementation of the recommendations thereof.
Stakeholder Management:
- Maintain/ build relationships with all key stakeholders within the bank and assurance providers (internal and external audit, compliance and Bank of Uganda Examiners, etc.)
- Provide appropriate risk training, awareness and education to staff and teams in the bank related to Cyber and system-based risks.
Qualifications, Skills and Experience:
- Bachelor’s degree in information technology, Computer Science, Information Science, Information Systems, Information Security or related disciplines is required.
- Professional Certifications like CRISC, CISM, CISSP, CISA & related professional qualifications are an added advantage.
- Master’s degree in IT, MBA, Computer Science & related disciplines is an added advantage.
Experience
- A Minimum of 3 Years’ Experience in Information Risk /or IT Security and/or IT Audits, Information Risk Reviews and Vulnerability Assessments Experience, Red Team Exercises and/or Penetration Testing Experience, Stakeholder management and Report writing.
How to Apply:
If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
Deadline: 15th October 2025
Note: Qualified candidates with disability are encouraged to apply. Only short-listed candidates will be contacted.
For more of the latest jobs, please visit https://www.theugandanjobline.com or find us on our facebook page https://www.facebook.com/UgandanJobline
Level of Education: Bachelor Degree
Work Hours: 8
Experience in Months: 36