OB TITLE: CYBER ASSURANCE OFFICER (01) REPORTS TO: CYBER ASSURANCE MANAGER JOB PURPOSE The role holder is responsible for supporting the assurance and risk oversight function of the ICT Security & Governance department by executing control assessments, coordinating penetration testing, conducting vulnerability analysis, and performing third-party security reviews. This role is crucial in ensuring the Bank maintains a robust cybersecurity posture, fulfils its regulatory obligations, and minimises its exposure to internal and external threats.

KEY RESPONSIBILITIES /KEY DELIVERABLES

Cybersecurity Risk Assessments

• Conduct routine assessments of IT systems, applications, and business processes to evaluate the design and effectiveness of cybersecurity controls.

• Assist in the identification, documentation, and tracking of cybersecurity risks and weaknesses across the Bank. Vulnerability Management & Testing Support

• Plan, coordinate, and report on vulnerability assessments and penetration testing exercises (internal, external, application, wireless, cloud).

• Follow up on remediation timelines and verify closure of high-risk findings.

• Perform basic technical validation of findings using approved tools and methods. Third-Party Security Assessments

• Conduct security due diligence for third-party service providers and vendors during onboarding and renewal cycles.

• Maintain the third-party security risk tracker in alignment with the Bank’s procurement and outsourcing guidelines.

• Liaise with procurement, legal, and IT teams to ensure security clauses are included in contracts. Cybersecurity Audit Support

• Support internal and external audits related to cybersecurity and IT risk management.

• Prepare and organise documentation, evidence logs, and follow-up actions for audit requirements.

• Track closure of audit findings and provide regular progress reports to the Cyber Assurance Manager. Red Team & Control Testing Participation

• Assist with red team and tabletop exercises under the direction of the Cyber Assurance Manager.

• Help simulate adversary tactics to evaluate the effectiveness of the SOC and incident response capabilities.

• Document findings and lessons learned from exercises.

Reporting & Metrics

• Maintain dashboards and reports related to vulnerabilities, risks, and third-party assessments. BUSINESS BEHAVIOURS

Passion: Committed to excellence, delivering outstanding results and making a positive impact on our customers and stakeholders.

Teamwork: Collaborates, mutual respect, and diverse perspectives, to achieve shared success and deliver greater value to the Bank.  Integrity: Uphold honesty, transparency, and accountability, ensuring ethical practices in every action. Innovation: Embrace creativity and forward-thinking, continually seek new solutions to enhance customer experience and drive business growth.

QUALIFICATIONS, EXPERIENCE AND COMPETENCIES REQUIRED

Bachelor’s degree in Cybersecurity, Information Technology, or a related discipline.

A minimum of 2 years of experience in cybersecurity, IT audit, programming, IT system administration, or related role

Preferred certifications:

JPT, CEH, Security+, or other entry-level GRC or technical certs. § Exposure to security assessments, vulnerability scanning, or penetration testing.

Familiarity with financial or regulated environments is an added advantage.

THE FOLLOWING DOCUMENTS SHOULD ACCOMPANY THE APPLICATION § Cover letter, Detailed CV, and Copies of academic documents all as one file. MODE OF APPLICATION § Online applications addressed to Chief People & Strategy Officer, Pearl Bank Uganda.

Send application to hr@postbank.co.ug with job title as subject.

Closing Date: Monday 3rd November 2025 at 5:00pm.

Only shortlisted candidates will be contacted.