IT Risk Officer
Kampala, Uganda * Full-time
Cairo Bank
Category: IT
Total Positions:
Location: Kampala, Uganda
Full-time
Salary: Attractive
Posted 10 months ago
KEY DUTIES AND RESPONSIBILITIES
• IT Risk Identification & Assessment: Identify IT-related risks, including cybersecurity threats, data privacy, system failures, and operational risks. Conduct risk assessments and analysis to evaluate the potential impact on the Bank’s operations. Perform Systems and networks user recertifications.
• IT Risk Monitoring & Reporting: Monitor key IT & Cybersecurity risk indicators (KRIs), threat intelligence, and control effectiveness. Prepare regular reports for senior management (IT steering Committee, Risk Management Committee and Executive Committee) and Board on IT & Cybersecurity risk posture, incidents, and breaches. Review and revalidate IT & Cybersecurity units Risk Control self-Assessments (RCSAs)
• Risk & Control Evaluation: Assess the adequacy of IT controls, policies, and procedures and report to management with suitable recommendations / actions taken to correct the gaps. Review IT audits, penetration testing results, and internal/external audit findings and endure issues closure. Review, and assess to ensure security protocols such as firewalls, encryption, multi-factor authentication, and security patches are implemented and are up to date and report to management
• Incident & Threat Management: Oversee the response to cybersecurity incidents, data breaches, or IT system failures. Conduct incident / threat root cause analysis and recommend remediation actions.
• Policy & Framework Development: Support to develop, update, and implement IT risk management policies, standards, and procedures. Follow up with IT & Cybersecurity related policies procedure owners to ensure that these policies / procedures /guidelines are communicated clearly and updated regularly to reflect changes in technology and threat landscape. Review relevant policies to ensure that they align with regulatory requirements and industry best practices. Review Bank’s compliance with cybersecurity regulations and industry standards (e.g., BOU cybersecurity guidelines).
• Awareness & Training: Promote a risk-aware culture by conducting training and awareness programs on IT security best practices. Keep staff informed on emerging IT risks and threat landscape. g) Vendor & Third-Party Risk Management: Assess third-party IT service providers’ security controls and risks. Review the third-party IT vendors compliance with the Bank’s security policies and contractual obligations.
• Regulatory & Compliance: Review Bank’s compliance with relevant IT and cybersecurity regulations and reporting requirements. Support regulatory examinations and audits related to IT governance and risk management.
• Continuous Improvement: Stay updated on evolving IT risks, cybersecurity threats, and industry best practices and report to management and Board Recommend and implement enhancements to the Bank’s IT risk management framework. Participate in industry forums such as UBA IT steering committee and report back to management of lesson learnt.
• Change Management: Perform regular management reviews and report to Management
• Business continuity Management: Draft Business continuity plans cover data backups, disaster recovery procedures, communication protocols, and resource allocation. Liaise with process owners to perform and update Business Impact Analyses (BIAs) to understand the consequences of processes disruptions. Drive and coordinate regularly test BCM and disaster recovery plans through drills and simulations. Sensitize staff on their roles in Business continuity Management, Promote awareness of emergency procedures and communication pathways. Ensure BCM plans meet regulatory standards and industry best practices. Maintain BCM documentation for audits and compliance verification.
Recommended for you
QUALIFICATIONS / SKILLS
• Bachelor’s degree in information technology, Cybersecurity, Computer Science, or related field
• Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or equivalent gives added advantage.
• Knowledge of regulatory standards related to IT and cybersecurity.
• Experience.
• At least 2 years’ experience in IT risk management, cybersecurity, or IT audit within the banking or financial services sector.
• Skills And Competencies.
• Strong analytical, communication, and problem-solving skills.
• Good working Knowledge of Core Banking Systems (any), and networks
• Experience with Key Risk Indicators and Technology Risk reporting preferred
• Demonstrated ability to participate in complex, comprehensive or large IT related projects and initiatives.
• Team player
• Observant
• Analytical and critical skills
HOW TO APPLY
Interested candidates should send their application letters together with their curriculum vitae to the Head Human Resources at recruitment@cbu.co.ug not later than 5pm, Friday 5th September, 2025.
Deadline: Expired
Related Jobs
UNRSCE
Deadline: 12 Jul 2026
EXIM Bank
Deadline: 10 Jul 2026
Cloud Productivity Solutions
Deadline: Open until filled
PFK Uganda
Deadline: Open until filled
Bugadde Sacco
Deadline: Open until filled
Aircom
Deadline: Open until filled
Adminie
Deadline: Open until filled
Smart Applications
Deadline: Open until filled
STANBIC BANK
Deadline: Open until filled
Lotus Brand Limited
Deadline: Open until filled
Spiro Uganda
Deadline: Open until filled
Uganics Repellents Ltd
Deadline: Open until filled
Spidd Africa
Deadline: Open until filled
MOGO UGANDA
Deadline: Open until filled
C-Care Uganda
Deadline: 17 Jul 2026
Cordaid
Deadline: 15 Jul 2026
NOVA Microfinance
Deadline: Closing today
Penal Reform International
Deadline: 13 Jul 2026
Elysian Strategic Solutions
Deadline: Closing today
MIC Global Finance
Deadline: 15 Jul 2026
CEMES Uganda
Deadline: Open until filled
CCare Uganda
Deadline: Open until filled
Stone Pillar Finance
Deadline: Open until filled
Africa Management Solutions
Deadline: Open until filled
Twahirah Islamic Charity
Deadline: Open until filled
Waako Credit Limited
Deadline: Open until filled
Baikal Financial Services
Deadline: Open until filled
Platinum Credit Uganda
Deadline: Open until filled