Chief Information Security Officer (CISO) job at I&M Bank

Uganda


Posted: June 23, 2025
Deadline: July 4, 2025


Vacancy title:
Chief Information Security Officer (CISO)


[Type: FULL_TIME, Industry: Banking, Category: Media, Communications & Writing]


Jobs at:
I&M Bank


Deadline of this Job:
Friday, July 4 2025


Duty Station:
Uganda | Kampala | Uganda


Summary
Date Posted: Monday, June 23 2025, Base Salary: Not Disclosed





JOB DETAILS:


A Chief Information Security Officer (CISO) is a senior executive responsible for an organization’s information and cyber security strategy, governance, and risk management.


Key Responsibilities.


Risk Governance and Strategy



  • Overseeing and implementing the institution's cybersecurity program and enforcing cyber and technology policy.

  • Ensuring that information systems meet institutional needs and ICT strategies align with business strategies and risk appetite.

  • Review and assess risks associated with exceptions/deviations to cyber and technology policies and gain senior management approval.

  • Review periodically the approved exceptions/deviations to ensure residual risks remain acceptable.



Risk Identification, Assessment, and Mitigation



  • Ensure regular and comprehensive cyber risk assessments are conducted at least once a year.

  • Ensure monitoring processes detect cyber and technology events and incidents in a timely manner.

  • Incorporate scenario analysis for material cyber-attacks, mitigation, and identifying control gaps.

  • Safeguarding the confidentiality, integrity, and availability of information.


Fraud Risk Management



  • Effectiveness of fraud detection and prevention programs (e.g., reduced fraud incidents and losses).

  • Responsiveness and effectiveness in addressing fraud... risk events.


Business Continuity Planning (BCP) and Crisis Management



  • Ensure timely update of the incident response mechanism and BCP based on latest cyber threat intelligence.

  • Ensure frequent data backups of critical IT systems to separate storage locations.

  • Ensure cyber risk roles and responsibilities in emergency/crisis decision-making are defined and communicated.

  • Continuously test disaster recovery and BCP arrangements to ensure regulatory compliance and operational continuity.


Leadership and Culture



  • Design cybersecurity controls considering all levels of users (internal and external).

  • Organize professional cyber-related trainings to improve staff technical proficiency.


Reporting and Communication



  • Report to the CEO at least quarterly on:

    • Confidentiality, integrity, and availability of systems,

    • Exceptions to cyber policies,

    • Effectiveness of the cybersecurity program,

    • Material cyber and tech events affecting the institution.




Technology and Innovation



  • Maintain a current enterprise-wide knowledge base of users, devices, applications, software, and network details.


Educational Requirements.



Bachelor’s Degree (Required):



  • Computer Science, Cybersecurity, Information Technology, or related field.


Master’s Degree (Preferred):



  • MBA, M.S. in Cybersecurity, or Information Security.


Preferred Certifications.



  • CISSP, CISM, CISA, CRISC, CEH.


Additional Knowledge Areas:



  • Risk management, regulatory compliance (e.g., GDPR, HIPAA), security frameworks (NIST, ISO 27001), and business continuity.


Leadership Skills



  • Strong leadership and team management capabilities.

  • Ability to influence and collaborate with Board members, Senior Management, and Cross-functional teams.

  • Excellent communication and presentation skills to convey complex risk concepts to diverse audiences.


Strategic and Analytical Thinking



  • Strong problem-solving and decision-making skills under uncertainty.

  • Ability to anticipate emerging risks and proactively design mitigation strategies.

  • Exceptional analytical skills to evaluate and prioritize risks based on potential impact.


Behavioral Competencies



  • High ethical standards and integrity.

  • Resilience under pressure and ability to navigate crises effectively.

  • Adaptability to changing regulatory landscapes and evolving risk environments.




 



Work Hours: 8


Experience in Months: 12


Level of Education: bachelor degree



Job application procedure:


Interested in applying for this job? Click here to submit your application now