Cybersecurity Officer

  • Full Time
  • Kampala
  • Applications have closed

Website Bank of Uganda

The Cybersecurity Officer will support the Team Leader Cybersecurity in protecting the Bank’s information assets by implementing and managing comprehensive cybersecurity measures, monitoring security events, responding to incidents, and conducting risk assessments. This role involves working with Security Information and Event Management (SIEM) systems, Network Access Control (NAC) solutions, and endpoint security technologies to ensure the confidentiality, integrity, and availability of the Bank’s critical systems.

Duties and Responsibilities

    • Continuously monitor security events using SIEM and NAC systems to detect and respond to potential threats and unauthorized access attempts
    • Conduct vulnerability assessments and penetration testing (VAPT) on critical banking systems to identify and address security vulnerabilities
    • Perform thorough analysis of security logs, alerts, and events to identify potential security incidents and patterns
    • Participate in incident response activities, including detection, analysis, containment, eradication, recovery, and post-incident analysis
    • Conduct risk assessments to identify vulnerabilities and develop mitigation strategies to protect the Bank’s information assets, perform root cause analysis on security incidents and provide solutions to prevent recurrence
    • Implement and enforce security policies, standards, and procedures in alignment with banking industry regulations
    • Implement and maintain security measures including firewalls, intrusion detection systems, and endpoint protection solutions, identify and remove unwanted certificates and vulnerabilities from devices and systems
    • Ensure compliance with internal policies, regulatory requirements, and industry standards such as COBIT and ISO27001
    • Provide technical support and guidance to other departments on cybersecurity and support the delivery of security awareness training programs to ensure a high level of security consciousness across the Bank
    • Monitor the state of all endpoints for compliance with security policies and remediate issues
    • Maintain accurate documentation of security incidents, risk assessments, and mitigation strategies
    • Undertake additional duties as assigned by the Team Leader, Cybersecurity from time to time.

Expected Outputs

  • Individual Balanced Scorecard
  • Daily security event and incident reports
  • Vulnerability assessment and penetration testing reports
  • Incident response documentation and post-incident analysis reports
  • Risk assessment reports and mitigation strategies
  • Compliance audit and assessment reports
  • Updated threat intelligence reports
  • Security awareness training materials and session participation reports
  • Vulnerability assessment and remediation reports
  • Technical guidance documentation
  • Monthly security posture reports.

MINIMUM PERSONAL SPECIFICATIONS

Qualifications:

  • A First or Upper Second-Class degree in Computer Science, Information Security, Information Systems, or Engineering.
  • Professional certifications in cybersecurity: DFE, NDE, CompTIA Security+, CEH, CISSP, CISM, CISA, GIAC, CCSA, CCSE, or GIAC Security.

Work Experience:

  • At least five (5) years of relevant working experience in cybersecurity with hands-on experience in security monitoring, incident response, security analysis, and risk assessments.

Age:

  • 30.0 – 38.0 years of age as at close of the advert.

Competencies:

Technical Competencies

  • Strong and demonstrable knowledge in cybersecurity principles, tools, and practices
  • Experience with SIEM systems, NAC, and endpoint security solutions
  • Proficiency in conducting vulnerability assessments and penetration testing
  • Knowledge of IT governance frameworks (COBIT, ITIL) and security standards (ISO27001, NIST Cybersecurity Framework)
  • Experience in conducting risk assessments and developing mitigation strategies
  • Understanding financial industry security compliance requirements
  • Expertise in incident response and security event analysis
  • Ability to analyze complex security logs and identify security concerns
  • Strong analytical and problem-solving skills.

Behavioral

  • Strong communication and interpersonal skills.
  • High level of integrity and accountability.
  • Ability to work effectively in a team environment.
  • Proactive and innovative mindset.
  • Attention to detail and decision-making abilities.
  • Strong analytical and problem-solving skills.

Salary and Benefits for the positions are generous and attractive.

. Please follow the stated instructions in the form as accurately as possible. Note that inaccurate applications will be automatically disqualified.

Applications should be accompanied by;

1) National ID (Front and Back) – Mandatory. Ensure both the front and back sides are scanned and visible.

2) Academic Qualification Documents – Mandatory. These should match all the required qualifications mentioned in the job descriptions.

3) Letter of Equivalence for the Class of Degree from the National Council of Higher Education for applicants whose first degree (Bachelor’s) was obtained from a foreign University.

4) A duly registered Statutory Declaration for applicants with name and/or date of birth variations.

Please ensure that all required documents are duly attached and MUST be scanned as one single document.

Please note that failure to attach the required documents will lead to automatic disqualification.

Management reserves the right to terminate applicants found with concealed or falsified information and academic credentials. Only shortlisted candidates will be contacted.