Job Title:  Manager Information Security Assurance

Organization: Centenary Bank

Duty Station: Kampala, Uganda

Reports to: Chief Manager Information Security Assurance

About the Company:

Centenary Bank is a leading Commercial Microfinance Bank serving over a third of the banking population with services that can be accessed across 80 branches, 191 ATMs and over 5,200 CenteAgents and other digital platforms.

Job Summary:   To lead the development and implementation of a comprehensive Information Security Assurance program for Centenary Bank including assessing and ensuring the security of the banking systems, managing risk assessments, conducting security audits, and fostering a culture of security awareness across the Bank.

Key Duties and Responsibilities:

• Develop, implement, and manage a robust information security assurance program that aligns with industry best practices and regulatory requirements
• Conduct regular assessments to identify vulnerabilities, threats, and risks to the Bank’s information assets and recommend risk mitigation strategies. Plan, coordinate, and execute internal and external cyber security audits and assessments
• Ensure compliance with relevant laws, regulations, and standards (e.g., DPPA, PCI-DSS, NIST, ISO 27001), and monitor changes in regulations to align the cyber security assurance program accordingly
• Assess and manage the security posture of third-party vendors, ensuring that vendors comply with the Bank’s security policies and standards.
• Design and supervise implementation of compliance assessments against set ICT and information security policies, procedures and standards
• Develop and deliver security awareness training programs to educate employees about security risks and best practices
• Provide periodic reports on the state of the Bank’s information security assurance to Senior Management, clearly communicating the risks, vulnerabilities, and overall security posture.
• Manage and mentor a team of cyber security professionals to foster a collaborative and high-performance culture within the team Stay abreast of the latest cyber security trends, technologies, and threats, and continuously improve the Bank’s cyber security assurance processes and tools

• Bachelor’s degree in computer science, Cyber Security, or a related field.
• Technical certifications in Information System Audit, Security Risk and Governance e.g., CISA, CISSP, CISM are required
• Advanced degree in Computer Science, Cyber Security, or a related field, and other technical certifications like ISO 27001 Lead Implementor/ Auditor, CEH, OSCP, CRISC, ECSA is an added advantage.

Required Experience and Competences:

• At least 5 years of experience in Cyber Security, with a focus on security assurance, IT Audit, or IT Advisory/Consulting in a large financial institution or a reputable organization
• Knowledge of cyber security frameworks, standards, and best practices
• Proven experience with security risk assessment methodologies and tools
• Ability to work under pressure and manage multiple priorities simultaneously.
• Proficient in security technologies such as firewalls, IDS/IPS, SIEM, DLP, and vulnerability management tools.

Required Skills:

• Excellent analytical and critical thinking skills
• Strong leadership and team management skills
• Effective communication skills, with the ability to explain complex security issues to non-technical stakeholders

If you are interested in joining a dynamic team in a fast-paced work environment and meet fully the requirements above, please:

Fill the form and attach an application letter (addressed to General Manager Human Resource, Centenary Bank, P.O. Box 1892, Kampala), updated Curriculum Vitae, plus copies of all academic credentials, testimonials and contact details of three competent referees.

E-mail the above to: Talent_sourcing@centenarybank.co.ug

Note: Only shortlisted candidates will, be contacted.