IT Risk Officer at Pearl Bank Uganda

Location: Kampala, Uganda

Deadline: 3rd November 2025

Key Requirement: Bachelor's in IT/Computer Science + 2 years' experience in IT Risk/Audit.

Certifications: CRISC, CISA, or related (preferred).

About Pearl Bank Uganda

Pearl Bank Uganda is the new name for the government-owned PostBank Uganda, which is rebranding to enhance its appeal to partners and customers while strengthening its focus on digital finance and inclusive growth. The name is inspired by the phrase “the pearl of Africa” and aims to reflect the bank’s identity as a digitally progressive and dependable institution committed to supporting Ugandan businesses and individuals. The rebranding is part of a strategic plan to become a leading indigenous commercial bank.

Job Summary

The role holder will support effective management of IT and cyber risks by providing independent assurance on the adequacy of controls, assisting in second-line risk assurance activities, and ensuring robust risk oversight through established governance processes.

Key Duties and Responsibilities

• Conducting Information System risk assessments for new and existing systems, applications, and programs to ensure compliance with the bank’s security policies, regulatory requirements and adherence to best practices to identify weaknesses or security exposures and prescribe solutions to mitigate the risks related to those weaknesses and exposures.
• Performance of periodic and surprise security assessments of areas such as operating systems, database management systems, firewalls, intrusion detection systems, and web-based applications.
• Identification and evaluation of business technology risks and internal controls which mitigate risks, and related opportunities for internal control improvement and propose risk treatment plans.
• Providing guidance over the general activities and concerns of the organization’s information technology function including governance, policy, control design, general operational effectiveness, and internal controls.
• Liaising and coordinating with respective Risk champions, review IT risk and control self-assessments.
• Maintaining and following up / tracking for closure all IT findings arising out of Risk, Internal Audit, External Audit and BOU reviews.
• Monitoring and tracking IT risk events and following up associated actions plans to closure.
• Working with control owners to ensure control accuracy and remediation of any issues related to control exceptions.
• Maintaining a forward-looking Technology risk profile of the bank that captures the major risks, ensuring that risks that might impact multiple businesses and/or support functions are captured, and actions initiated to mitigate and control risks leading to a reduction in operational losses.
• Ensuring that staff are adequately trained in IT Risk Management, policies, and procedures.
• Ensuring that controls and checks associated with IT Risk Management deployment are in place and are effective.
• Performing annual Quality Assurance Reviews of IT related Policies, Processes, and procedure manuals.
• Overseeing the Disaster Recovery Governance framework and Implementation.
• Supporting in the review of IT Risk Control Self Assessments (RCSAs) & Key Risk Indicators.
• Supporting elements of IT related Investigations.
• Conducting IT Project Risk Assessments as and when required.
• Providing risk oversight and assurance over the activities of the Business Technology; Digitisation and Innovation Units.
• Providing support in the preparation of monthly ICT risk reports as part of input into the monthly Management Risk Committee meetings and quarterly Board Risk Committee meetings.
• Conducting IT Risk awareness training and sharing of IT risk control communication across the bank to improve risk awareness.

Qualifications, Skills and Experience

• Bachelor of in Information Systems Technology, Computer Science, or Engineering, or equivalent experience required.
• Possesses or part qualified in one or more of the following certifications: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other related certification.
• Must have critical thinking, analytical, attention to detail and problem-solving skills to quickly stop threats of significance to the institution.
• Good verbal and written communication skills.
• At least two years’ experience in IT Audits, IT Risk management or Banking Operations.

Business Behaviours

• Passion: Committed to excellence, delivering outstanding results and making a positive impact on our customers and stakeholders.
• Teamwork: Collaborates, mutual respect, and diverse perspectives, to achieve shared success and deliver greater value to the Bank.
• Integrity: Uphold honesty, transparency, and accountability, ensuring ethical practices in every action.
• Innovation: Embrace creativity and forward-thinking, continually seek new solutions to enhance customer experience and drive business growth.

How to Apply

The following documents should accompany the application; Cover letter, Detailed CV, and Copies of academic documents all as one file.

Online applications addressed to Chief People & Strategy Officer, Pearl Bank Uganda.

Send application to hr@postbank.co.ug with job title as subject.

Deadline: 3rd November 2025

Only shortlisted candidates will be contacted.

Brown Alex Wednesday, 29 October 2025 Finance Jobs