Chief Information Security Officer job at I&M Bank Uganda | Apply Now
Are you looking for Information Technology jobs in Uganda in 2025? Then you might be interested in the Chief Information Security Officer job at I&M Bank Uganda.
About the Organisation
I&M Bank (Uganda) Limited, established in 2021 following the acquisition of a 90% stake in Orient Bank Limited, operates as a subsidiary of I&M Group Plc, a prominent East African financial services conglomerate.
The bank's mission is to empower prosperity by delivering innovative financial solutions, guided by core values of trust, integrity, respect, courage, and innovation. With a growing presence in Uganda, I&M Bank offers a comprehensive suite of banking services, including retail, corporate, and SME banking, supported by a robust digital banking platform to enhance customer convenience.
The bank fosters a dynamic work culture that emphasizes employee development and values diversity, offering various job opportunities that align with its commitment to excellence. I&M Bank actively engages in corporate social responsibility initiatives focused on education, health, and environmental sustainability, aiming to make a positive impact on the communities it serves. For more information, visit their official website at www.imbankgroup.com/ug.
Kampala, Uganda
Full Time
Job Description
Job Title: Chief Information Security Officer
Organisation: I&M Bank Uganda
Duty Station: Kampala, Uganda
Reports to: Chief Executive Officer
Duties, Roles and Responsibilities
Risk Governance and Strategy
Overseeing and implementing the institution’s cybersecurity program and enforcing cyber and technology policy.
Ensuring that information systems meet institutional needs and ICT strategies align with business strategies and risk appetite.
Review and assess risks associated with exceptions/deviations to cyber and technology policies and gain senior management approval.
Review periodically the approved exceptions/deviations to ensure residual risks remain acceptable.
Risk Identification, Assessment, and Mitigation
Ensure regular and comprehensive cyber risk assessments are conducted at least once a year.
Ensure monitoring processes detect cyber and technology events and incidents in a timely manner.
Incorporate scenario analysis for material cyber-attacks, mitigation, and identifying control gaps.
Safeguarding the confidentiality, integrity, and availability of information.
Fraud Risk Management
Effectiveness of fraud detection and prevention programs (e.g., reduced fraud incidents and losses).
Responsiveness and effectiveness in addressing fraud… risk events.
Business Continuity Planning (BCP) and Crisis Management
Ensure timely update of the incident response mechanism and BCP based on latest cyber threat intelligence.
Ensure frequent data backups of critical IT systems to separate storage locations.
Ensure cyber risk roles and responsibilities in emergency/crisis decision-making are defined and communicated.
Continuously test disaster recovery and BCP arrangements to ensure regulatory compliance and operational continuity.
Leadership and Culture
Design cybersecurity controls considering all levels of users (internal and external).
Organize professional cyber-related trainings to improve staff technical proficiency.
Reporting and Communication
Report to the CEO at least quarterly on:
Confidentiality, integrity, and availability of systems,
Exceptions to cyber policies,
Effectiveness of the cybersecurity program,
Material cyber and tech events affecting the institution.
Technology and Innovation
Maintain a current enterprise-wide knowledge base of users, devices, applications, software, and network details.
Qualifications, Education and Competencies
Bachelor’s Degree (Required):
Computer Science, Cybersecurity, Information Technology, or related field.
Master’s Degree (Preferred):
MBA, M.S. in Cybersecurity, or Information Security.
Preferred Certifications:
CISSP, CISM, CISA, CRISC, CEH.
Additional Knowledge Areas:
Risk management, regulatory compliance (e.g., GDPR, HIPAA), security frameworks (NIST, ISO 27001), and business continuity.
Leadership Skills
Strong leadership and team management capabilities.
Ability to influence and collaborate with Board members, Senior Management, and Cross-functional teams.
Excellent communication and presentation skills to convey complex risk concepts to diverse audiences.
Strategic and Analytical Thinking
Strong problem-solving and decision-making skills under uncertainty.
Ability to anticipate emerging risks and proactively design mitigation strategies.
Exceptional analytical skills to evaluate and prioritize risks based on potential impact.
Behavioral Competencies
High ethical standards and integrity.
Resilience under pressure and ability to navigate crises effectively.
Adaptability to changing regulatory landscapes and evolving risk environments.
How to Apply
All suitably qualified and interested applicants should apply online at the APPLY Button below.
Deadline: 4th July 2025
Note: Only shortlisted candidates will be contacted











