Job Title: Chief Information Security Officer (CISO)
Organisation: Diamond Trust Bank Uganda (DTB)
Duty Station: Kampala, Uganda
About US:
Diamond Trust Bank Uganda is a full-fledged commercial Bank with a network of 40 branches and 36 ATM locations in major Ugandan urban centers and still growing. The bank is also an affiliate of the Aga Khan Fund for Economic Development (AKFED) which is the economic development arm of the Aga Khan Development Network (AKDN).
Key Duties and Responsibilities:
Develop and Execute Zero Trust Architecture Strategy:
- Lead the development and implementation of the Zero Trust Architecture strategy, ensuring alignment with the bank’s overall security objectives.
- Define the roadmap for transitioning to a Zero Trust Architecture, including goals, milestones, and resource requirements.
- Evaluate emerging technologies and industry best practices to enhance the bank’s security posture.
Security Governance and Risk Management:
- Establish and maintain a robust security governance framework that aligns with regulatory requirements, industry standards, and best practices.
- Identify and assess security risks, vulnerabilities, and threats, and develop appropriate risk mitigation strategies.
- Collaborate with internal stakeholders to establish security policies, standards, and procedures that support the Zero Trust Architecture.
Security Operations and Incident Response:
- Oversee the design, implementation, and operation of security controls and technologies to protect the bank’s infrastructure, applications, and data.
- Develop and maintain an incident response plan, ensuring the organization’s readiness to detect, respond, and recover from security incidents.
- Conduct regular security assessments, penetration testing, and vulnerability scanning to identify potential weaknesses and recommend remediation measures.
Security Awareness and Training:
- Develop and implement a comprehensive security awareness program to educate bank employees on the principles of Zero Trust and their roles in maintaining a secure environment.
- Conduct regular security training sessions and workshops to enhance the security awareness and knowledge of employees across the organization.
Stakeholder Management and Collaboration:
- Collaborate with senior management, business units, and technology teams to understand their requirements, align security objectives, and ensure the successful implementation of the Zero Trust Architecture.
- Engage with external partners, vendors, and industry peers to stay abreast of the latest security trends, technologies, and threats.
Qualifications, Skills and Experience:
- The applicant must hold a Bachelor’s degree in Computer Science, Information Security, or a related field. A master’s degree is preferred.
- Extensive experience (minimum of 10 years) in information security, including hands-on experience in designing and implementing security solutions in a complex environment.
- Proven experience in leading and managing security operations, incident response, and risk management teams.
- Experience in the financial industry or a similarly regulated environment is highly desirable.
- In-depth knowledge of cybersecurity principles, frameworks, and standards (e.g., NIST, ISO 27001, etc.).
- Strong understanding of Zero Trust Architecture principles, concepts, and implementation strategies.
- Familiarity with cloud security, network security, identity and access management, encryption technologies, and secure coding practices.
- Experience with security tools such as SIEM, DLP, IDS/IPS, and vulnerability management systems.
Leadership and Communication Skills:
- Excellent leadership and people management skills with the ability to build and motivate high-performing teams.
- Strong analytical and problem-solving skills with the ability to make sound decisions in complex and high-pressure situations.
- Exceptional communication and presentation skills.
How to Apply:
All candidates should send their applications to recruitment@dtbuganda.co.ug
NB: DTB is an equal opportunity employer.
Deadline: 30th June 2023.