Cyber Security Officer job at Yako Bank Uganda

Kampala |

Posted: June 26, 2025
Deadline: July 7, 2025

Job Description

Title: Cyber Security Officer job at Yako Bank Uganda


Cyber Security Officer

2025-06-26T05:31:54+00:00


Yako Bank Uganda

https://cdn.greatugandajobs.com/jsjobsdata/data/employer/comp_7516/logo/yako.png



FULL_TIME




Kampala

Kampala

00256

Uganda



Banking

Computer & IT


UGX



MONTH



2025-07-07T17:00:00+00:00


Uganda

8


  1. CYBER SECURITY OFFICER

  2. This position reports directly to the Head of I.T and will be based at Head Office.

  3. Role of the Job:

  4. Responsible for enforcing compliance to all aspects of computer, network, and Information security in Yako Bank. The job entails operationalizing of the Cyber Security Strategy, Policies, Standards, Procedures, Methods, best practices, architecture and systems to protect the Bank’s data and ICT systems from Cyber threats while evaluating the Bank’s ICT environment and data processing to ensure compliance to applicable standards & laws and relevance with industry security norms.

  5. Key Result Areas:


 



  1. ▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met

  2. ▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks.

  3. ▪ Monitor the network and systems for suspicious activity, including attempted

  4. ▪ unauthorized access, malware, and other cyber threats

  5. ▪ Research, evaluate, design, test, recommend and/or plan technological upgrade

  6. ▪ improvements and major changes to the IT Security environment, and analyze their

  7. ▪ impact on the existing environment, while overseeing their proper deployment,

  8. ▪ configuration, and functioning.

  9. ▪ Identity and Access Management: Develop and implement identity and access

  10. ▪ management policies and procedures to control user access to sensitive data and systems

  11. ▪ Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank.

  12. ▪ personnel as per established IT security training programs to promote good security

  13. ▪ hygiene.

  14. ▪ Serve as the department’s representative to support IT security & operational audits by

  15. ▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.

  16. ▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.

  17. ▪ Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings

  18. ▪ are appreciated and closed in time.

  19. ▪ Enforce the day-to-day activities of threat and vulnerability management, identify risk

  20. ▪ tolerances, recommend and support implementation of treatment plans

  21. ▪ Provide guidance during security incidents and investigations, ensuring root-cause

  22. ▪ analysis is undertaken and input suggested approaches to deal with lessons identified

  23. ▪ Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.

  24. ▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies

  25. ▪ Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations

  26. ▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.


  28. Minimum educational and technical competence requirements:

  29. ▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks

  30. ▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm

  31. ▪ Have well-developed IT skills and experience in related jobs in IT, such as a network

  32. ▪ engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc.

  33. ▪ Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage

  34. ▪ Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability.

  35. ▪ Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and

  36. ▪ other relevant legal and regulatory requirements.

  37. ▪ Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans

  38. ▪ Ability to understand and assess technology systems and applications from both a technical and business function perspective

  39. ▪ Understanding of information security principles and best practices (e.g., ISO27001/2,

  40. ▪ COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security).

  41. ▪ Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls

  42. ▪ Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies

  43. ▪ Knowledge of industry best practices regarding digitalization and automation of banking services.

  44. ▪ Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks

  45. ▪ (LANs & WANs)


▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met
▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks.
▪ Monitor the network and systems for suspicious activity, including attempted
▪ unauthorized access, malware, and other cyber threats
▪ Research, evaluate, design, test, recommend and/or plan technological upgrade
▪ improvements and major changes to the IT Security environment, and analyze their
▪ impact on the existing environment, while overseeing their proper deployment,
▪ configuration, and functioning.
▪ Identity and Access Management: Develop and implement identity and access
▪ management policies and procedures to control user access to sensitive data and systems
▪ Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank.
▪ personnel as per established IT security training programs to promote good security
▪ hygiene.
▪ Serve as the department’s representative to support IT security & operational audits by
▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.
▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.
▪ Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings
▪ are appreciated and closed in time.
▪ Enforce the day-to-day activities of threat and vulnerability management, identify risk
▪ tolerances, recommend and support implementation of treatment plans
▪ Provide guidance during security incidents and investigations, ensuring root-cause
▪ analysis is undertaken and input suggested approaches to deal with lessons identified
▪ Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.
▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies
▪ Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.


▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks
▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm
▪ Have well-developed IT skills and experience in related jobs in IT, such as a network
▪ engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc.
▪ Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage
▪ Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability.
▪ Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and
▪ other relevant legal and regulatory requirements.
▪ Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
▪ Ability to understand and assess technology systems and applications from both a technical and business function perspective
▪ Understanding of information security principles and best practices (e.g., ISO27001/2,
▪ COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security).
▪ Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls
▪ Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
▪ Knowledge of industry best practices regarding digitalization and automation of banking services.
▪ Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks
▪ (LANs & WANs)


bachelor degree



24


JOB-685cdb4aad0f0




Vacancy title:
Cyber Security Officer


[Type: FULL_TIME, Industry: Banking, Category: Computer & IT]


Jobs at:
Yako Bank Uganda


Deadline of this Job:
Monday, July 7 2025


Duty Station:
Kampala | Kampala | Uganda


Summary
Date Posted: Thursday, June 26 2025, Base Salary: Not Disclosed





Learn more about Yako Bank Uganda




JOB DETAILS:


  1. CYBER SECURITY OFFICER

  2. This position reports directly to the Head of I.T and will be based at Head Office.

  3. Role of the Job:

  4. Responsible for enforcing compliance to all aspects of computer, network, and Information security in Yako Bank. The job entails operationalizing of the Cyber Security Strategy, Policies, Standards, Procedures, Methods, best practices, architecture and systems to protect the Bank’s data and ICT systems from Cyber threats while evaluating the Bank’s ICT environment and data processing to ensure compliance to applicable standards & laws and relevance with industry security norms.

  5. Key Result Areas:


 



  1. ▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met

  2. ▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks.

  3. ▪ Monitor the network and systems for suspicious activity, including attempted

  4. ▪ unauthorized access, malware, and other cyber threats

  5. ▪ Research, evaluate, design, test, recommend and/or plan technological upgrade

  6. ▪ improvements and major changes to the IT Security environment, and analyze their

  7. ▪ impact on the existing environment, while overseeing their proper deployment,

  8. ▪ configuration, and functioning.

  9. ▪ Identity and Access Management: Develop and implement identity and access

  10. ▪ management policies and procedures to control user access to sensitive data and systems

  11. ▪ Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank.

  12. ▪ personnel as per established IT security training programs to promote good security

  13. ▪ hygiene.

  14. ▪ Serve as the department’s representative to support IT security & operational audits by

  15. ▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.

  16. ▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.

  17. ▪ Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings

  18. ▪ are appreciated and closed in time.

  19. ▪ Enforce the day-to-day activities of threat and vulnerability management, identify risk

  20. ▪ tolerances, recommend and support implementation of treatment plans

  21. ▪ Provide guidance during security incidents and investigations, ensuring root-cause

  22. ▪ analysis is undertaken and input suggested approaches to deal with lessons identified

  23. ▪ Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.

  24. ▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies

  25. ▪ Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations

  26. ▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.


  28. Minimum educational and technical competence requirements:

  29. ▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks

  30. ▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm

  31. ▪ Have well-developed IT skills and experience in related jobs in IT, such as a network

  32. ▪ engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc.

  33. ▪ Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage

  34. ▪ Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability.

  35. ▪ Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and

  36. ▪ other relevant legal and regulatory requirements.

  37. ▪ Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans

  38. ▪ Ability to understand and assess technology systems and applications from both a technical and business function perspective

  39. ▪ Understanding of information security principles and best practices (e.g., ISO27001/2,

  40. ▪ COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security).

  41. ▪ Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls

  42. ▪ Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies

  43. ▪ Knowledge of industry best practices regarding digitalization and automation of banking services.

  44. ▪ Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks

  45. ▪ (LANs & WANs)



Work Hours: 8


Experience in Months: 24


Level of Education: bachelor degree



Job application procedure:
Interested in applying for this job? Click here to submit your application now.