About the Organization

DCB Commercial Bank PLC is a fully-fledged retail and commercial bank in Tanzania. The bank offers banking services to Individuals, Microfinance, Small to Medium sized Businesses (MSME), as well as large corporate clients.

DCB Bank has a wide branch network of over 8 branches, over 1000 DCB Wakala Agents, and over 280 Umoja switch ATMs serving over 3 million customers across the country.

Job Overview

DCB Commercial Bank PLC invites suitably qualified candidates to fill the position of ICT Risk Officer.

The successful candidate will be responsible for ensuring the bank’s information security, business continuity, and data protection frameworks are effectively implemented, monitored, and compliant with regulatory requirements.

Key Responsibilities

• Developing and implementing ICT risk and information security policies including BCM, BCPs, DRP, and related frameworks.
• Overseeing cybersecurity monitoring and incident management, including vulnerability assessments, penetration testing, and event/incident logs.
• Customer retention; maximizing benefit from customers through cross-selling relevant DCB products in the segment including digital products.
• Managing user access and privileged accounts across applications, servers, and databases to ensure proper controls.
• Ensuring compliance with the Personal Data Protection Act and regulatory requirements, including reporting violations and maintaining registration as a Data Controller/Processor.
• Conducting staff training and awareness programs on cybersecurity, ICT risks, and data protection.
• Performing security and resilience risk assessments for projects, systems, and business units.
• Coordinating closure of audit and regulatory findings to ensure issues are resolved and do not occur.
• Acting as liaison with regulators and external agencies on ICT risk and compliance matters and normal users.

Qualifications, Skills and Experience

• Bachelor’s degree in Information Systems, Computer Science, Information Technology or related field from a recognized institution.
• Professional qualification in CISA, CRISC, or (CISM) are would an added advantage.
• 2 years’ relevant experience in a highly automated environment.
• Proficient in use of Microsoft Office tools.

• Developing and implementing ICT risk and information security policies including BCM, BCPs, DRP, and related frameworks.
• Overseeing cybersecurity monitoring and incident management, including vulnerability assessments, penetration testing, and event/incident logs.
• Customer retention; maximizing benefit from customers through cross-selling relevant DCB products in the segment including digital products.
• Managing user access and privileged accounts across applications, servers, and databases to ensure proper controls.
• Ensuring compliance with the Personal Data Protection Act and regulatory requirements, including reporting violations and maintaining registration as a Data Controller/Processor.
• Conducting staff training and awareness programs on cybersecurity, ICT risks, and data protection.
• Performing security and resilience risk assessments for projects, systems, and business units.
• Coordinating closure of audit and regulatory findings to ensure issues are resolved and do not occur.
• Acting as liaison with regulators and external agencies on ICT risk and compliance matters and normal users.

• Proficient in use of Microsoft Office tools.

• Bachelor’s degree in Information Systems, Computer Science, Information Technology or related field from a recognized institution.
• Professional qualification in CISA, CRISC, or (CISM) are would an added advantage.