Role:
Lead the development and implementation of a comprehensive Cyber Security Assurance program for Centenary Bank including assessing and ensuring the security of the banking systems, managing risk assessments, conducting security audits, and fostering a culture of security awareness across the Bank.
Key Result Areas:
- Develop, implement, and manage a robust cyber security assurance program that aligns with industry best practices and regulatory requirements
- Conduct regular assessments to identify vulnerabilities, threats, and risks to the Bank’s information assets and recommend risk mitigation strategies. Plan, coordinate, and execute internal and external cyber security audits and assessments
- Ensure compliance with relevant laws, regulations, and standards (e.g., DPPA, PCI-DSS, NIST, ISO 27001), and monitor changes in regulations to align the cyber security assurance program accordingly
- Assess and manage the security posture of third-party vendors, ensuring that vendors comply with the Bank’s security policies and standards.
- Design and supervise implementation of compliance assessments against set ICT and information security policies, procedures and standards
- Develop and deliver security awareness training programs to educate employees about security risks and best practices
- Provide periodic reports on the state of the Bank’s cyber security assurance to Senior Management, clearly communicating the risks, vulnerabilities, and overall security posture
- Manage and mentor a team of cyber security professionals to foster a collaborative and high-performance culture within the team
- Stay abreast of the latest cyber security trends, technologies, and threats, and continuously improve the Bank’s cyber security assurance processes and tools
Education and Professional Qualifications:
- Bachelor’s degree in Computer Science, Cyber Security, or a related field.
- Technical certifications in Information System Audit, Security Risk and Governance e.g., CISA, CISSP, CISM are required.
- Advanced degree in Computer Science, Cyber Security, or a related field, and other technical certifications like ISO 27001 Lead Implementor/Auditor, CEH, OSCP, CRISC, ECSA are an added advantage.
Required Experience and Competences:
- At least 5 years of experience in Cyber Security, with a focus on security assurance, IT Audit, or IT Advisory/Consulting in a large financial institution or a reputable organization.
- Knowledge of cyber security frameworks, standards, and best practices.
- Proven experience with security risk assessment methodologies and tools.
Required Skills:
- Excellent analytical and critical thinking skills
- Strong leadership and team management skills
- Effective communication skills, with the ability to explain complex security issues to non-technical stakeholders
- Ability to work under pressure and manage multiple priorities simultaneously
- Proficient in security technologies such as firewalls, IDS/IPS, SIEM, DLP, and vulnerability management tools
To apply:
Download and fill in the attached application for employment form and enclose an application letter (addressed to General Manager Human Resource, Centenary Bank, P.O. Box 1892, Kampala), updated Curriculum Vitae, plus copies of all academic credentials, testimonials, and contact details of three competent referees. E-mail the above to: [email protected] not later than 5:00PM on Monday 30th September 2024.