Chief Information Security Officer (CISO) job at I&M Bank



A Chief Information Security Officer (CISO) is a senior executive responsible for an organization’s information and cyber security strategy, governance, and risk management.

Key Responsibilities.

Risk Governance and Strategy

  • Overseeing and implementing the institution's cybersecurity program and enforcing cyber and technology policy.
  • Ensuring that information systems meet institutional needs and ICT strategies align with business strategies and risk appetite.
  • Review and assess risks associated with exceptions/deviations to cyber and technology policies and gain senior management approval.
  • Review periodically the approved exceptions/deviations to ensure residual risks remain acceptable.


Risk Identification, Assessment, and Mitigation

  • Ensure regular and comprehensive cyber risk assessments are conducted at least once a year.
  • Ensure monitoring processes detect cyber and technology events and incidents in a timely manner.
  • Incorporate scenario analysis for material cyber-attacks, mitigation, and identifying control gaps.
  • Safeguarding the confidentiality, integrity, and availability of information.

Fraud Risk Management

  • Effectiveness of fraud detection and prevention programs (e.g., reduced fraud incidents and losses).
  • Responsiveness and effectiveness in addressing fraud... risk events.

Business Continuity Planning (BCP) and Crisis Management

  • Ensure timely update of the incident response mechanism and BCP based on latest cyber threat intelligence.
  • Ensure frequent data backups of critical IT systems to separate storage locations.
  • Ensure cyber risk roles and responsibilities in emergency/crisis decision-making are defined and communicated.
  • Continuously test disaster recovery and BCP arrangements to ensure regulatory compliance and operational continuity.

Leadership and Culture

  • Design cybersecurity controls considering all levels of users (internal and external).
  • Organize professional cyber-related trainings to improve staff technical proficiency.

Reporting and Communication

  • Report to the CEO at least quarterly on:
    • Confidentiality, integrity, and availability of systems,
    • Exceptions to cyber policies,
    • Effectiveness of the cybersecurity program,
    • Material cyber and tech events affecting the institution.

Technology and Innovation

  • Maintain a current enterprise-wide knowledge base of users, devices, applications, software, and network details.

Educational Requirements.


Bachelor’s Degree (Required):

  • Computer Science, Cybersecurity, Information Technology, or related field.

Master’s Degree (Preferred):

  • MBA, M.S. in Cybersecurity, or Information Security.

Preferred Certifications.

  • CISSP, CISM, CISA, CRISC, CEH.

Additional Knowledge Areas:

  • Risk management, regulatory compliance (e.g., GDPR, HIPAA), security frameworks (NIST, ISO 27001), and business continuity.

Leadership Skills

  • Strong leadership and team management capabilities.
  • Ability to influence and collaborate with Board members, Senior Management, and Cross-functional teams.
  • Excellent communication and presentation skills to convey complex risk concepts to diverse audiences.

Strategic and Analytical Thinking

  • Strong problem-solving and decision-making skills under uncertainty.
  • Ability to anticipate emerging risks and proactively design mitigation strategies.
  • Exceptional analytical skills to evaluate and prioritize risks based on potential impact.

Behavioral Competencies

  • High ethical standards and integrity.
  • Resilience under pressure and ability to navigate crises effectively.
  • Adaptability to changing regulatory landscapes and evolving risk environments.
 
 
 

Vacancy title:
Chief Information Security Officer (CISO)

[Type: FULL_TIME, Industry: Banking, Category: Computer & IT]

Jobs at:
I&M Bank

Deadline of this Job:
Friday, July 4 2025

Duty Station:
Uganda | Kampala | Uganda

Summary
Date Posted: Tuesday, July 1 2025, Base Salary: Not Disclosed


Work Hours: 8

Experience in Months: 12

Level of Education: bachelor degree

Job application procedure

Interested in applying for this job? Click here to submit your application now

 
