Website Absa Bank Tanzania
Absa Bank Tanzania
Chief Information Security Officer (CISO)
Absa Bank Tanzania
Job Overview
Position: Chief Information Security Officer (CISO)
Company: Absa Bank Tanzania
Work Type: Hybrid
Employment Type: Full-time
Location: Absa House – ABT
Job Requisition ID: R-15987105
Application Deadline: 25 May 2026
About Absa
Absa Group is one of Africa’s leading financial institutions with over 100 years of history and operations across multiple African countries and international markets.
The bank offers opportunities for career growth, innovation, leadership development, and regional impact while fostering an inclusive and collaborative working environment.
Job Summary
The Chief Information Security Officer (CISO) is responsible for developing, implementing, and managing the bank’s enterprise-wide information security strategy to protect digital assets, data, and technology infrastructure from cyber threats.
The role ensures:
- Confidentiality, integrity, and availability of information systems
- Compliance with regulatory and cybersecurity standards
- Effective cyber risk management
- Security governance and resilience
- Security integration into business transformation initiatives
The CISO will work closely with:
- Executive leadership
- Technology teams
- Group Security Officers
- Regulators
- Business units
to strengthen the organization’s cybersecurity posture.
Key Responsibilities
1. Strategic Leadership
- Develop and execute enterprise-wide cybersecurity strategies aligned with business goals.
- Advise executive leadership and the board on cyber threats, compliance, and emerging risks.
- Integrate security into digital transformation and enterprise architecture initiatives.
2. Risk Management
- Identify, assess, and mitigate cyber and technology risks.
- Establish and maintain cybersecurity risk management frameworks.
- Conduct regular technical security assessments and vulnerability reviews.
3. Policy & Governance
- Define and enforce cybersecurity policies, standards, and procedures.
- Ensure compliance with:
- ISO 27001
- GDPR
- NIST
- Financial sector regulations
- Coordinate enterprise cybersecurity governance efforts.
4. Incident Response & Cyber Resilience
- Lead incident response activities including:
- Detection
- Containment
- Recovery
- Remediation
- Develop and maintain:
- Disaster recovery plans
- Business continuity plans
- Cyber resilience strategies
- Coordinate major cyber incident responses across departments.
5. Security Architecture & Operations
- Oversee secure system, network, and application design.
- Manage Security Operations Center (SOC) collaboration with Absa Group teams.
- Validate baseline security configurations and controls.
6. Cybersecurity Operations & Intelligence
- Oversee:
- Threat intelligence
- Vulnerability assessments
- Remediation management
- Cyber readiness exercises
- Conduct:
- Quarterly cyber-attack simulations
- Annual enterprise cyber resilience exercises
7. Vendor & Third-Party Risk Management
- Conduct vendor cybersecurity risk assessments.
- Ensure third-party agreements include appropriate security controls.
- Participate in security due diligence processes.
8. Awareness & Training
- Promote cybersecurity awareness across the organization.
- Train employees, suppliers, business partners, and customers on security best practices.
9. Reporting & Governance Communication
- Provide cybersecurity reports to:
- Senior management
- Board committees
- Executive leadership
- Track cybersecurity KPIs and risk metrics.
- Serve as Secretariat to the Cybersecurity Steering Committee.
- Ensure cyber threats are effectively communicated to the CEO.
Additional Responsibilities
- Form and oversee a Cyber-Incident Response Team.
- Monitor global and local cybersecurity trends and incidents.
- Collaborate with institutions involved in cybersecurity and information security matters.
- Track remediation of audit findings, penetration test issues, and regulatory observations.
- Develop metrics to assess cybersecurity effectiveness.
Risk & Control Responsibilities
- Adhere to Absa risk management frameworks, policies, and standards.
- Manage operational and cybersecurity risks within the role.
- Complete all mandatory compliance and cybersecurity training.
Minimum Qualifications & Experience
Education
- Bachelor’s degree in:
- Computer Science
- Information Technology
- Cybersecurity
- Related field
- Master’s degree is preferred.
Experience
- Minimum 10 years of experience in information security roles.
- At least 5 years in a senior leadership position.
Professional Certifications
Preferred certifications include:
- CISSP
- CISM
- CISA
- Equivalent cybersecurity certifications
Technical Skills & Competencies
- Cybersecurity frameworks and governance
- Risk management and compliance
- Cloud security (AWS, Azure)
- DevSecOps
- Zero Trust Architecture
- Incident response management
- Security operations management
- Stakeholder management
- Crisis communication
- Leadership and strategic planning
Key Performance Indicators (KPIs)
- Reduction in cybersecurity incidents and breaches
- Regulatory compliance performance
- Incident detection and response time
- Security awareness training completion rates
- Vendor risk remediation effectiveness
Additional Role Requirements
The ideal candidate should demonstrate:
- Ability to work under pressure and meet tight deadlines
- Strong decision-making and leadership skills
- Entrepreneurial and commercial thinking
- Persuasion and influencing skills
- Innovation and strategic thinking
- Strong communication with internal and external stakeholders
Communication & Stakeholder Interaction
The role involves interaction with:
- Internal teams and leadership
- External customers
- Regulators and government agencies
- Cross-functional business units
Absa Core Values
Absa Group values:
- Trust
- Resourcefulness
- Stewardship
- Inclusiveness
- Courage
Equal Opportunity
Absa Group is committed to diversity, inclusion, and equal opportunity employment across all its operations.
To apply for this job please visit absa.wd3.myworkdayjobs.com.