CHIEF INFORMATION SECURITY OFFICER (CISO)
Banking Jobs
- EmpowerBank Limited
- Expires 09 Jun 2026
- Harare
- Full Time
Job Description
An exciting opportunity has arisen for a Chief Information Security Officer. Applications are being invited from suitably qualified and experienced candidates
Duties and Responsibilities
a. Security Strategy Development
• Leads the development and maintenance of the Microbank’s cybersecurity strategy to protect all critical information assets and
ensure alignment with business objectives.
b. Cyber Risk Management
• Identifies, evaluates and mitigates information security risks across the Microbank, working with senior management to ensure
alignment with risk appetite and regulations.
• Leads cyber risk assessments for systems, products and business initiatives.
• Assists with assessing, selecting and managing third party vendors and service providers to ensure security measures are upheld in
all external partnerships or arrangements.
• Monitors KRIs and KPIs to measure the effectiveness of the cybersecurity program.
c. Security Governance and Compliance
• Establishes, maintains cyber security governance frameworks, policies and procedures that comply with industry standards,
regulations and best practices.
• Ensures compliance with cybersecurity standards, regulatory expectations and audit recommendations.
• Oversees processes for data classification, secure system access and safe handling of sensitive information.
• Prepares and presents periodic cybersecurity reports to the Board and executive committees.
d. Incident Response and Threat Management
• Oversees the Microbank’s incidence response strategy including investigation, reporting, resolution and escalation of cybersecurity
incidents ensuring minimal disruption and damage.
e. Security Architecture and Infrastructure
• Collaborates with Digital Banking teams to implement and monitor technical security measures e.g. firewalls, encryption, access
control, network security protocols.
f. Awareness & Culture Building
• Develops and delivers cybersecurity training and awareness programs.
• Promotes a culture of security across all departments and business functions.
Qualifications and Experience
• Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree will be an added advantage)
• Relevant certifications such as CISSP, CISM or CISA or equivalent.
• Minimum of 5 years in information security, with at least 2 years in a senior leadership role or CISO role within a regulated financial
institution.
• Proven experience in leading and managing cross functional teams with the ability to influence and align diverse stakeholders.
• Strong written and verbal skills with the ability to translate complex security concepts into actionable business terms.
• Ability to analyse complex security challenges and make informed decisions that balance risk with business needs.
Technical Proficiency
The ideal candidate must demonstrate hands-on expertise in:
* Cybersecurity Technologies & Tools
• Security Information & Event Management (SIEM) platforms
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Endpoint Detection & Response (EDR) tools
• Firewalls, VPNs, and Network Security Monitoring tools
• Vulnerability assessment and penetration testing tools
• Identity & Access Management (IAM) and Privileged Access Management (PAM)
Security Architecture & Controls
• Authentication and authorisation mechanisms
• Encryption technologies (data at rest and data in transit)
• Secure network design principles
• Cloud security controls (Azure, AWS, or equivalent)
• Data classification and protection frameworks
Attributes:
• Proven track record of building a strong cybersecurity culture within an organisation.
• Familiarity with incidence response frameworks and breach notification requirements.
• Ability to think strategically and implement long-term security initiatives.
• High level of integrity and independent judgement
How to Apply
All applications addressed to hr@empowerbank.co.zw must be recieved no later that the 9th June 2026 clearly stating the position being applied for under the subject matter. CV , application letter and copies of academic and professional qualifications must be send as a single file.
