Cyber Security Officer job at Yako Bank Uganda
Posted by: great-volunteer
Posted date: 2025-Jun-26
Location: Kampala, Uganda
Cyber Security Officer 2025-06-26T05:31:54+00:00 Yako Bank Uganda https://cdn.ugashare.com/jsjobsdata/data/employer/comp_7516/logo/yako.png https://www.yakobank.com/ FULL_TIME Kampala Kampala 00256 Uganda Banking Computer & IT 2025-07-07T17:00:00+00:00 Uganda 8 - CYBER SECURITY OFFICER
- This position reports directly to the Head of I.T and will be based at Head Office.
- Role of the Job:
- Responsible for enforcing compliance to all aspects of computer, network, and Information security in Yako Bank. The job entails operationalizing of the Cyber Security Strategy, Policies, Standards, Procedures, Methods, best practices, architecture and systems to protect the Bank’s data and ICT systems from Cyber threats while evaluating the Bank’s ICT environment and data processing to ensure compliance to applicable standards & laws and relevance with industry security norms.
- Key Result Areas:
- ▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met
- ▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks.
- â–ª Monitor the network and systems for suspicious activity, including attempted
- â–ª unauthorized access, malware, and other cyber threats
- â–ª Research, evaluate, design, test, recommend and/or plan technological upgrade
- â–ª improvements and major changes to the IT Security environment, and analyze their
- â–ª impact on the existing environment, while overseeing their proper deployment,
- â–ª configuration, and functioning.
- â–ª Identity and Access Management: Develop and implement identity and access
- â–ª management policies and procedures to control user access to sensitive data and systems
- â–ª Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank.
- â–ª personnel as per established IT security training programs to promote good security
- â–ª hygiene.
- ▪ Serve as the department’s representative to support IT security & operational audits by
- ▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.
- ▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.
- â–ª Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings
- â–ª are appreciated and closed in time.
- â–ª Enforce the day-to-day activities of threat and vulnerability management, identify risk
- â–ª tolerances, recommend and support implementation of treatment plans
- â–ª Provide guidance during security incidents and investigations, ensuring root-cause
- â–ª analysis is undertaken and input suggested approaches to deal with lessons identified
- â–ª Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.
- ▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies
- â–ª Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
- ▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.
- Minimum educational and technical competence requirements:
- ▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks
- ▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm
- â–ª Have well-developed IT skills and experience in related jobs in IT, such as a network
- â–ª engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc.
- â–ª Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage
- â–ª Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability.
- â–ª Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and
- â–ª other relevant legal and regulatory requirements.
- â–ª Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
- â–ª Ability to understand and assess technology systems and applications from both a technical and business function perspective
- â–ª Understanding of information security principles and best practices (e.g., ISO27001/2,
- â–ª COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security).
- â–ª Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls
- â–ª Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
- â–ª Knowledge of industry best practices regarding digitalization and automation of banking services.
- â–ª Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks
- â–ª (LANs & WANs)
▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met ▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks. ▪ Monitor the network and systems for suspicious activity, including attempted ▪ unauthorized access, malware, and other cyber threats ▪ Research, evaluate, design, test, recommend and/or plan technological upgrade ▪ improvements and major changes to the IT Security environment, and analyze their ▪ impact on the existing environment, while overseeing their proper deployment, ▪ configuration, and functioning. ▪ Identity and Access Management: Develop and implement identity and access ▪ management policies and procedures to control user access to sensitive data and systems ▪ Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank. ▪ personnel as per established IT security training programs to promote good security ▪ hygiene. ▪ Serve as the department’s representative to support IT security & operational audits by ▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced. ▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies. ▪ Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings ▪ are appreciated and closed in time. ▪ Enforce the day-to-day activities of threat and vulnerability management, identify risk ▪ tolerances, recommend and support implementation of treatment plans ▪ Provide guidance during security incidents and investigations, ensuring root-cause ▪ analysis is undertaken and input suggested approaches to deal with lessons identified ▪ Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements. ▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies ▪ Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations ▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same. ▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks ▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm ▪ Have well-developed IT skills and experience in related jobs in IT, such as a network ▪ engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc. ▪ Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage ▪ Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability. ▪ Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and ▪ other relevant legal and regulatory requirements. ▪ Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans ▪ Ability to understand and assess technology systems and applications from both a technical and business function perspective ▪ Understanding of information security principles and best practices (e.g., ISO27001/2, ▪ COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security). ▪ Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls ▪ Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies ▪ Knowledge of industry best practices regarding digitalization and automation of banking services. ▪ Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks ▪ (LANs & WANs) JOB-685cdb4aad0f0 Vacancy title:
Cyber Security Officer Jobs at:
Yako Bank Uganda Deadline of this Job:
Monday, July 7 2025 Duty Station:
Kampala | Kampala | Uganda Summary
Date Posted: Thursday, June 26 2025, Base Salary: Not Disclosed JOB DETAILS:
- CYBER SECURITY OFFICER
- This position reports directly to the Head of I.T and will be based at Head Office.
- Role of the Job:
- Responsible for enforcing compliance to all aspects of computer, network, and Information security in Yako Bank. The job entails operationalizing of the Cyber Security Strategy, Policies, Standards, Procedures, Methods, best practices, architecture and systems to protect the Bank’s data and ICT systems from Cyber threats while evaluating the Bank’s ICT environment and data processing to ensure compliance to applicable standards & laws and relevance with industry security norms.
- Key Result Areas:
- ▪ Implement, maintain and monitor Yako Bank’s Cyber Security Strategy and participation in the design and implementation of up-to-date IT standards, policies, guidelines and appropriate architectural principles to ensure the Yako Bank IT Security goals continue to be met
- ▪ Manage the Bank’s IT Security systems and tools, e.g. firewalls, data protection controls, log analyzers, end-point-security, patching, encryption, vulnerability scanning and pen testing etc. ensuring that they are used optimally, including, monitoring and enforcing security access procedures to the Bank’s Information Technology Systems and networks.
- â–ª Monitor the network and systems for suspicious activity, including attempted
- â–ª unauthorized access, malware, and other cyber threats
- â–ª Research, evaluate, design, test, recommend and/or plan technological upgrade
- â–ª improvements and major changes to the IT Security environment, and analyze their
- â–ª impact on the existing environment, while overseeing their proper deployment,
- â–ª configuration, and functioning.
- â–ª Identity and Access Management: Develop and implement identity and access
- â–ª management policies and procedures to control user access to sensitive data and systems
- â–ª Providing training to IT Security personnel and IT Security Awareness trainings to Yako Bank.
- â–ª personnel as per established IT security training programs to promote good security
- â–ª hygiene.
- ▪ Serve as the department’s representative to support IT security & operational audits by
- ▪ Yako Bank’s internal assurance functions or third-parties to ensure the Bank maintains a strong security posture including ensuring that service-level agreements with outsourced ICT security services providers are enforced.
- ▪ Enforce the Bank’s ICT Change and Incident management activities and processes ensuring that they are in line with the approved IT Policies.
- â–ª Work with ICT staffs to ensure that all Audit, Risk, Vulnerability & compliance findings
- â–ª are appreciated and closed in time.
- â–ª Enforce the day-to-day activities of threat and vulnerability management, identify risk
- â–ª tolerances, recommend and support implementation of treatment plans
- â–ª Provide guidance during security incidents and investigations, ensuring root-cause
- â–ª analysis is undertaken and input suggested approaches to deal with lessons identified
- â–ª Ensure that systems and the information within them comply with the Data-Protection and-Privacy-Act-2019 of Uganda and other relevant legal and regulatory requirements.
- ▪ Work with the IT team to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, Software’s and 3rd party connections before being introduced into the ICT environment in compliance with current Security Policies
- â–ª Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
- ▪ Support the Manager Cyber Security in developing and planning of the IT Security section’s annual Budgets and work plans and execution of the same.
- Minimum educational and technical competence requirements:
- ▪ Bachelor’s degree in Computer Science, Information Technology or other relevant degree from a recognized University and any certification in Systems, Databases or Networks
- ▪ Minimum of 2 years’ experience in an organization of at least the same nature preferably a, Financial institution, Government institution, Telecom institution or a consulting firm
- â–ª Have well-developed IT skills and experience in related jobs in IT, such as a network
- â–ª engineer/Administrator, a database administrator, a systems analyst, applications developer, IT auditing, IT risk analyst, etc.
- â–ª Professional IT Security Certifications / Trainings e.g. CISSP, CEH, CCSP, MSCE, CISA, CISM, NSE etc. and Network certifications e.g. CCNA, CCNP are an added advantage
- â–ª Must have excellent verbal and written communication skills and excellent interpersonal skills with the ability.
- â–ª Knowledge and understanding of the Data-Protection-and-Privacy-Act-2019 of Uganda and
- â–ª other relevant legal and regulatory requirements.
- â–ª Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
- â–ª Ability to understand and assess technology systems and applications from both a technical and business function perspective
- â–ª Understanding of information security principles and best practices (e.g., ISO27001/2,
- â–ª COBIT, NIST, PCI and ISF Standards of Good Practice for Information Security).
- â–ª Excellent analytical and problem-solving abilities to analyze security requirements and relate them to appropriate security controls
- â–ª Experience in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies
- â–ª Knowledge of industry best practices regarding digitalization and automation of banking services.
- â–ª Knowledge of UNIX Operating Systems, Microsoft Server Operating Systems, Virtualization technologies, Intrusion Prevention & Detection systems and advanced enterprise networks
- â–ª (LANs & WANs)
Work Hours: 8 Experience in Months: 24 Level of Education: bachelor degree Job application procedure
Interested in applying for this job? yakobank.com&form%5Bvalid-to%5D=Monday,%20July%207%202025">Click here to submit your application now.
|