JOB TITLE: CYBER ASSURANCE OFFICER (01)
REPORTS TO: CYBER ASSURANCE MANAGER
JOB PURPOSE
The role holder is responsible for supporting the assurance and risk oversight function of the ICT Security & Governance department by executing control assessments, coordinating penetration testing, conducting vulnerability analysis, and performing third-party security reviews. This role is crucial in ensuring the Bank maintains a robust cybersecurity posture, fulfils its regulatory obligations, and minimises its exposure to internal and external threats.
KEY RESPONSIBILITIES / KEY DELIVERABLES
Cybersecurity Risk Assessments
• Conduct routine assessments of IT systems, applications, and business processes to evaluate the design and effectiveness of cybersecurity controls.
• Assist in the identification, documentation, and tracking of cybersecurity risks and weaknesses across the Bank.
Vulnerability Management & Testing Support
• Plan, coordinate, and report on vulnerability assessments and penetration testing exercises (internal, external, application, wireless, cloud).
• Follow up on remediation timelines and verify closure of high-risk findings.
• Perform basic technical validation of findings using approved tools and methods.
Third-Party Security Assessments
• Conduct security due diligence for third-party service providers and vendors during onboarding and renewal cycles.
• Maintain the third-party security risk tracker in alignment with the Bank’s procurement and outsourcing guidelines.
• Liaise with procurement, legal, and IT teams to ensure security clauses are included in contracts.
Cybersecurity Audit Support
• Support internal and external audits related to cybersecurity and IT risk management.
• Prepare and organise documentation, evidence logs, and follow-up actions for audit requirements.
• Track closure of audit findings and provide regular progress reports to the Cyber Assurance Manager.
Red Team & Control Testing Participation
• Assist with red team and tabletop exercises under the direction of the Cyber Assurance Manager.
• Help simulate adversary tactics to evaluate the effectiveness of the SOC and incident response capabilities.
• Document findings and lessons learned from exercises.
Reporting & Metrics
• Maintain dashboards and reports related to vulnerabilities, risks, and third-party assessments.
BUSINESS BEHAVIOURS
Passion: Committed to excellence, delivering outstanding results and making a positive impact on our customers and stakeholders.
Teamwork: Collaborate with mutual respect and diverse perspectives to achieve shared success and deliver greater value to the Bank.
Integrity: Uphold honesty, transparency, and accountability, ensuring ethical practices in every action.
Innovation: Embrace creativity and forward-thinking, continually seeking new solutions to enhance customer experience and drive business growth.
QUALIFICATIONS, EXPERIENCE AND COMPETENCIES REQUIRED
Bachelor’s degree in Cybersecurity, Information Technology, or a related discipline.
A minimum of 2 years of experience in cybersecurity, IT audit, programming, IT system administration, or a related role.
Preferred certifications: JPT, CEH, Security+, or other entry-level GRC or technical certs.
Exposure to security assessments, vulnerability scanning, or penetration testing.
Familiarity with financial or regulated environments is an added advantage.
THE FOLLOWING DOCUMENTS SHOULD ACCOMPANY THE APPLICATION
Cover letter, detailed CV, and copies of academic documents, all as one file.
MODE OF APPLICATION
Online applications addressed to Chief People & Strategy Officer, Pearl Bank Uganda.
Send application to hr@postbank.co.ug with job title as subject.
Closing Date: Monday 3rd November 2025 at 5:00pm.
Only shortlisted candidates will be contacted.




