Summary
Overview
Work History
Education
Skills
Affiliations
Websites
Certification
References
Timeline
Generic

DIANA TUKUNDANE AGABA

Kampala

Summary

Cybersecurity leader with 16 years of experience in enterprise risk management, compliance, and incident response. Proven track record of enhancing cyber resilience and establishing proactive risk cultures, leading to improved security posture and regulatory compliance. Expertise in developing risk mitigation strategies aligned with organizational goals. Recognized for high productivity and effective implementation of robust security frameworks across all operational levels.

Overview

15
15
years of professional experience
1
1
Certification

Work History

Head of Information Security

Stanbic Bank
09.2022 - Current
  • Provided strategic leadership in cybersecurity governance, risk, and compliance initiatives.
  • Established enterprise-wide information security vision and strategy to guide efforts.
  • Implemented advanced threat detection strategies, enhancing cyber resilience maturity from 3/5 to 4/5 in two years.
  • Led development of Security Operating Model, expanding team size from 5 to 13 while ensuring complete operational coverage.
  • Spearheaded diversity initiatives, increasing Women in Tech representation to 38%.
  • Enhanced security awareness proficiency from 55% to 60%, approaching industry benchmark of 65%.
  • Designed advanced cyber incident simulations, achieving an average score of 84% for two consecutive years.
  • Cultivated proactive risk culture, attaining full regulatory compliance with a perfect audit score of 100%.

Manager, IT Security, Standards, and Architecture

dfcu Bank
09.2020 - 08.2022
  • Designed and deployed enterprise-wide cybersecurity framework aligned with ISO 27001, NIST, and CIS controls.
  • Managed 25% of IT budget as information security budget to optimize resource allocation.
  • Created automated monthly cybersecurity risk dashboard for senior leadership, enhancing decision-making.
  • Led implementation of Secure Web Gateway, F5 Web Application Firewall, and Guardium Database Activity Monitoring to strengthen defense-in-depth strategy.

IT Security Specialist - Cyber Defence

dfcu Bank
06.2018 - 08.2020
  • Optimized Endpoint Detection & Response deployment, reducing incident response time by 40%.
  • Managed vendor relations to enhance threat detection capabilities.
  • Designed and executed enterprise-wide phishing awareness training, lowering phish-prone users from 23% to 5.9% in one year.
  • Deployed privileged access management and SIEM platforms to strengthen access controls.

Team Leader, Information Security

Stanbic Bank
06.2015 - 05.2018
  • Conducted tabletop cyber incident response exercises, improving decision-making and reducing response time by 20%.
  • Managed patch and vulnerability processes, achieving over 98% compliance through automation and continuous monitoring.
  • Deployed security controls such as Forcepoint Secure Web Gateway and Qradar SIEM to enhance threat detection and limit unauthorized access.
  • Established security awareness training for new and existing staff, increasing policy adherence and mitigating social engineering risks.

Network Support Engineer

Stanbic Bank
08.2010 - 05.2015
  • Orchestrated overhaul of bank network infrastructure, introducing dual links and auto-failover mechanisms, raising network uptime from 90% to 98% and strengthening redundancy.

Education

Executive master’s in business administration (EMBA) -

Quantic School of Business And Technology
USA
01.2025

Master of Science - Management & Information Systems: Change & Development

University of Manchester
UK
01.2013

bachelor’s degree - Telecommunication Engineering

Kyambogo University
Uganda
01.2008

Skills

  • Cybersecurity strategy and governance
  • Vendor management
  • Business process improvement
  • Analytical skills
  • Business continuity planning
  • Risk management and compliance
  • Incident response and cyber resilience
  • Security information and event management
  • Data privacy and protection
  • Vulnerability management and threat assessment
  • Disaster recovery and business continuity
  • Change management and security awareness
  • Project execution and program management
  • Leadership and stakeholder engagement

Affiliations

  • President, Women in Cyber Security (WiCyS) Uganda Affiliate
  • Committee member, presenter, and speaker| She Leads Tech - One in Tech (ISACA)
  • Cybersecurity committee member| Uganda Bankers' Association (UBA)
  • Member, speaker, and presenter| ISC², AFICTA, Africa Cyber Defense Forum
  • Rotary Uganda |Club administrator and cancer run officer

Certification

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Associate Chief Information Security Officer (C|CISO)
  • Certified Data Protection Officer (CDPO)
  • Information Technology Infrastructure Library (ITIL 4 edition)
  • AWS certified cloud practitioner
  • ISO 27001 senior lead implementer
  • Female Future Program (FFP) |Board competence| Confederation of Norwegian Enterprises (NHO)

References

References available upon request.

Timeline

Head of Information Security

Stanbic Bank
09.2022 - Current

Manager, IT Security, Standards, and Architecture

dfcu Bank
09.2020 - 08.2022

IT Security Specialist - Cyber Defence

dfcu Bank
06.2018 - 08.2020

Team Leader, Information Security

Stanbic Bank
06.2015 - 05.2018

Network Support Engineer

Stanbic Bank
08.2010 - 05.2015

Executive master’s in business administration (EMBA) -

Quantic School of Business And Technology

Master of Science - Management & Information Systems: Change & Development

University of Manchester

bachelor’s degree - Telecommunication Engineering

Kyambogo University
DIANA TUKUNDANE AGABA