

IT Security Risk Manager

CDH Investment Bank Limited seeks to recruit a suitable candidate for the position of IT Security Risk Manager.

Background of the organization

CDH Investment Bank Limited is licensed under the Banking Act by the Reserve Bank of Malawi to provide full banking services. The Bank opened for business on 2nd April 2012 and has banking centres in Blantyre and Lilongwe. Being part of Continental Holdings Limited which is a vibrant financial services group, CDH Investment Bank Limited is a unique formation in the financial services sector as it is designed to provide unique banking solutions in Malawi. 

In this regard, CDH Investment Bank Limited requires a highly skilled, motivated, and innovative person that will fit the corporate ambitions of a highly creative and innovative bank.

The Bank invites applications from suitably qualified individuals for the position of IT Security Risk Manager, tenable at Head Office in Blantyre.

Organizational context

The position reports to the Chief Risk & Compliance Officer in all respects.

Nature and scope of the position

  1. The incumbent shall be responsible for working with other departments to ensure compliance with corporate IT security risk policies, processes, and procedures and for oversight of IT security risk best practices, regulatory and global IT security risk requirements.
  2. The incumbent will therefore see to it that all departments in the bank are in compliance with the corporate IT security risk and compliance policies, processes, and procedures.
  3. Take a leading role in the bank’s information security.
  4. Participate in the development, provision, and successful implementation of an information security program, with a view to minimize the bank’s exposure to ICT incidents and vulnerabilities.

Specific responsibilities 

  1. Participate in the development, provision, and successful implementation of an information security program, with a view to minimize the bank’s exposure to ICT incidents and vulnerabilities.
  2. In liaison with the ICT department, implement and manage the ISO 27002 Information Security Framework in line with the business strategy.
  3. Review measures, systems, and processes to ensure they are capable of preventing the loss or theft of the Bank’s intellectual property.
  4. Development of a robust approach to adopting information security best practices.
  5. Risk and Compliance Management
    • Analyse the vulnerability and security assessment management program.
    • Monitor and report on the effectiveness of the business continuity plan.
    • Review and report on how ICT related audit issues have been resolved.
    • Monitor the IT department's compliance with ISO 27001, African Privacy Act, Malawi Cyber Security Law, PCI/DSS and RBM checklist for IT Risk Management guidelines.
  6. People management
    • Ensure effective learning and knowledge management.
    • Ensure accountability of team and individuals at all times.
    • Improve individual performance.

Key qualities

  • Strategic, analytical, systems thinking and problem-solving skills.
  • Must have the ability to work as a part of a team and assist the strategic teams in their work.
  • The candidate needs to have excellent analytical and investigative skills in respect of risk assessment and strategic approach.
  • Good interpersonal, written, and oral communication skills.
  • Ability to relate to people at all levels internally and externally with a strong client-service focus.
  • Able to maintain confidential information.
  • Strong communication skills with the ability to communicate technical ideas and concerns in a non-technical manner.
  • Confident, drives performance and is assertive.
  • Proactive, resourceful, solutions and results oriented.
  • Flexibility and ability to work under pressure and meet deadlines in changing situations.

Qualification and experience

  • MUST have a Bachelor’s degree in Computer Science, Information Security and/or Information Technology or related fields obtained from a recognized institution.
  • MUST have IT security certifications CISSP, CISM, CEH.
  • Good understanding of the financial sector threat landscape.
  • Familiar with cloud technologies, data analytics and big data technologies.
  • Must exhibit knowledge of best practice IT security standards (COBIT/ITIL/ISO 27001).
  • Minimum of 5 years’ experience in IT banking environment.


The position offers a remuneration package and benefits commensurate with its seniority, level of skills and experience. 

How to apply

Interested persons who meet the minimum requirements outlined above may forward applications in person, by post or email to the address below, to be received no later than close of business on 31st January 2023.

Applications must be accompanied by:

  1. A detailed curriculum vitae
  2. Certified copies of academic qualifications
  3. Certified copy of valid national identity document/passport; and
  4. Details of three contactable referees.

Please note that applications that do not meet all the requirements specified above will not be considered. Only shortlisted applications will be acknowledged.


Chief Executive Officer/Managing Director
CDH Investment Bank Limited
P O Box 1444
Blantyre, Malawi



