Assistant Manager, ICT Risk
2025-05-12T12:46:35+00:00
NCBA Group
https://cdn.greattanzaniajobs.com/jsjobsdata/data/employer/comp_4947/logo/NCBA%20Bank.png
https://www.greattanzaniajobs.com/jobs
FULL_TIME
Dar es Salaam
Dar es Salaam
00000
Tanzania
Banking
Management
2025-05-15T17:00:00+00:00
Tanzania
8
Job Purpose Statement
The purpose of this role is to create and sustain a cohesive culture and approach to ICT Risks that gives assurance on the Bank’s ability to adapt, recover, or mitigate the impact of Information and Cyber risks on its business, customers, employees, shareholders, and other stakeholders.
Key Accountabilities (Duties and Responsibilities)
Internal Business Processes (75%)
- Undertake risk assessments, analyze the effectiveness of technical and procedural control activities, and provide actionable recommendations to management.
- Assess the Bank’s information and Cyber Security capabilities, operations, and supporting technology controls to identify risks and recommend pragmatic risk mitigation measures.
- Identify and assess business disruption risks and their impacts associated with current business practices and strategic plans.
- Identify critical points of failure in the Bank’s ICT disaster recovery plans and recommend risk mitigation measures based on best practice standards.
- Review and report on the residual ICT risks.
- Review and improve the training and awareness programs for Information and Cyber Security in the bank.
- Succinctly frame emerging threats and risks in alignment with the existing risk profile.
- Distill complex risk, process, and control relationships into simple dashboards/reports.
- Demonstrate robust risk management oversight in supporting various internal assessments and regulatory examinations.
- Support the development of the IT risk management practice, framework, and methodologies.
- Review, report, and follow-up on closure of any noted gaps during the ICT risk assessments.
- Periodical review of the ICT and Cyber Security policy, standards, and guidelines.
Customer (15%)
- Drive customer satisfaction through timely ICT risk assessments that have been put in place to support business.
- Provide prompt feedback on internal customer queries on ICT.
Learning and Growth (10%)
- Responsible for delivering the performance objectives set and managing his/her own learning and development to build capacity and avail him/herself for coaching and training opportunities.
Job Dimensions
Stakeholder Management:
Key stakeholders that the position holder will need to liaise/work with to be successful in this role.
- Internal: Business Units, Technology & Operations, Enterprise Projects team, Internal Audit
- External: Vendors, External Auditors
Decision Making Authority/Mandates/Constraints:
The decisions the position holder is empowered to make include:
- Methodology and procedures for ICT Risk Assessment
- Reporting of ICT risks to management
- Follow-up with management to close ICT gaps identified
Ideal Job Specifications
- University Degree in a relevant field
- Master’s degree will be an added advantage
- Relevant certifications in Information Security and Risk Management knowledge areas such as CRISC, CISM, CISA, CISSP, or equivalent.
- At least 4 years’ experience in a similar role with exposure to Banking operations, Technology, or Assurance functions.
- Practical Knowledge of BOU guidelines on ICT Risk Management.
- Practical Knowledge of risk and control frameworks and their application within the Financial Services industry.
Ideal Job Competencies
Technical Competencies
- Risk Management: Ability to anticipate and mitigate risk by developing appropriate Risk Management Policies.
- Compliance and Regulatory Framework: A good understanding of the regulatory issues, reporting, and operational requirements as provided by BOU, URA, and other key stakeholders.
- Conceptual and Analytical Skills: Ability to quickly grasp and understand systems and keen attention to detail.
- Technology Skills: Knowledge and application of modern IS security management practices in the financial services industry.
Behavioural Competencies
- Performance Management: Optimizing own productivity.
- Communication and Interpersonal Skills: Effectively communicating with and managing customer expectations (internal and external), and other stakeholders who impact performance.
- Knowledge and Application: Knowledge and effective application of all relevant banking policies, processes, procedures, and guidelines to consistently achieve required compliance standards or benchmarks.
- Self-Empowerment: Developing open communication, teamwork, and trust to support performance and a customer-service-oriented culture.
- Critical Thinking: Ability to think critically and analytically, expressing points of view supported by data (for both technical and non-technical audiences).
- Collaboration: Collaborating effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives.
- Execution and Achievement-Oriented: Striving to achieve results, being measured and judged on performance standards.
- Personal Ethics: Must be honest, fair, just, firm with himself, and of high integrity.
Internal Business Processes (75%) Undertake risk assessments, analyze the effectiveness of technical and procedural control activities, and provide actionable recommendations to management. Assess the Bank’s information and Cyber Security capabilities, operations, and supporting technology controls to identify risks and recommend pragmatic risk mitigation measures. Identify and assess business disruption risks and their impacts associated with current business practices and strategic plans. Identify critical points of failure in the Bank’s ICT disaster recovery plans and recommend risk mitigation measures based on best practice standards. Review and report on the residual ICT risks. Review and improve the training and awareness programs for Information and Cyber Security in the bank. Succinctly frame emerging threats and risks in alignment with the existing risk profile. Distill complex risk, process, and control relationships into simple dashboards/reports. Demonstrate robust risk management oversight in supporting various internal assessments and regulatory examinations. Support the development of the IT risk management practice, framework, and methodologies. Review, report, and follow-up on closure of any noted gaps during the ICT risk assessments. Periodical review of the ICT and Cyber Security policy, standards, and guidelines. Customer (15%) Drive customer satisfaction through timely ICT risk assessments that have been put in place to support business. Provide prompt feedback on internal customer queries on ICT. Learning and Growth (10%) Responsible for delivering the performance objectives set and managing his/her own learning and development to build capacity and avail him/herself for coaching and training opportunities.
Performance Management: Optimizing own productivity. Communication and Interpersonal Skills: Effectively communicating with and managing customer expectations (internal and external), and other stakeholders who impact performance. Knowledge and Application: Knowledge and effective application of all relevant banking policies, processes, procedures, and guidelines to consistently achieve required compliance standards or benchmarks. Self-Empowerment: Developing open communication, teamwork, and trust to support performance and a customer-service-oriented culture. Critical Thinking: Ability to think critically and analytically, expressing points of view supported by data (for both technical and non-technical audiences). Collaboration: Collaborating effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives. Execution and Achievement-Oriented: Striving to achieve results, being measured and judged on performance standards. Personal Ethics: Must be honest, fair, just, firm with himself, and of high integrity.
University Degree in a relevant field Master’s degree will be an added advantage Relevant certifications in Information Security and Risk Management knowledge areas such as CRISC, CISM, CISA, CISSP, or equivalent. At least 4 years’ experience in a similar role with exposure to Banking operations, Technology, or Assurance functions. Practical Knowledge of BOU guidelines on ICT Risk Management. Practical Knowledge of risk and control frameworks and their application within the Financial Services industry.
JOB-6821edab34077
Vacancy title:
Assistant Manager, ICT Risk
[Type: FULL_TIME, Industry: Banking, Category: Management]
Jobs at:
NCBA Group
Deadline of this Job:
Thursday, May 15 2025
Duty Station:
Dar es Salaam | Dar es Salaam | Tanzania
Summary
Date Posted: Monday, May 12 2025, Base Salary: Not Disclosed
Similar Jobs in Tanzania
Learn more about NCBA Group
NCBA Group jobs in Tanzania
JOB DETAILS:
Job Purpose Statement
The purpose of this role is to create and sustain a cohesive culture and approach to ICT Risks that gives assurance on the Bank’s ability to adapt, recover, or mitigate the impact of Information and Cyber risks on its business, customers, employees, shareholders, and other stakeholders.
Key Accountabilities (Duties and Responsibilities)
Internal Business Processes (75%)
- Undertake risk assessments, analyze the effectiveness of technical and procedural control activities, and provide actionable recommendations to management.
- Assess the Bank’s information and Cyber Security capabilities, operations, and supporting technology controls to identify risks and recommend pragmatic risk mitigation measures.
- Identify and assess business disruption risks and their impacts associated with current business practices and strategic plans.
- Identify critical points of failure in the Bank’s ICT disaster recovery plans and recommend risk mitigation measures based on best practice standards.
- Review and report on the residual ICT risks.
- Review and improve the training and awareness programs for Information and Cyber Security in the bank.
- Succinctly frame emerging threats and risks in alignment with the existing risk profile.
- Distill complex risk, process, and control relationships into simple dashboards/reports.
- Demonstrate robust risk management oversight in supporting various internal assessments and regulatory examinations.
- Support the development of the IT risk management practice, framework, and methodologies.
- Review, report, and follow-up on closure of any noted gaps during the ICT risk assessments.
- Periodical review of the ICT and Cyber Security policy, standards, and guidelines.
Customer (15%)
- Drive customer satisfaction through timely ICT risk assessments that have been put in place to support business.
- Provide prompt feedback on internal customer queries on ICT.
Learning and Growth (10%)
- Responsible for delivering the performance objectives set and managing his/her own learning and development to build capacity and avail him/herself for coaching and training opportunities.
Job Dimensions
Stakeholder Management:
Key stakeholders that the position holder will need to liaise/work with to be successful in this role.
- Internal: Business Units, Technology & Operations, Enterprise Projects team, Internal Audit
- External: Vendors, External Auditors
Decision Making Authority/Mandates/Constraints:
The decisions the position holder is empowered to make include:
- Methodology and procedures for ICT Risk Assessment
- Reporting of ICT risks to management
- Follow-up with management to close ICT gaps identified
Ideal Job Specifications
- University Degree in a relevant field
- Master’s degree will be an added advantage
- Relevant certifications in Information Security and Risk Management knowledge areas such as CRISC, CISM, CISA, CISSP, or equivalent.
- At least 4 years’ experience in a similar role with exposure to Banking operations, Technology, or Assurance functions.
- Practical Knowledge of BOU guidelines on ICT Risk Management.
- Practical Knowledge of risk and control frameworks and their application within the Financial Services industry.
Ideal Job Competencies
Technical Competencies
- Risk Management: Ability to anticipate and mitigate risk by developing appropriate Risk Management Policies.
- Compliance and Regulatory Framework: A good understanding of the regulatory issues, reporting, and operational requirements as provided by BOU, URA, and other key stakeholders.
- Conceptual and Analytical Skills: Ability to quickly grasp and understand systems and keen attention to detail.
- Technology Skills: Knowledge and application of modern IS security management practices in the financial services industry.
Behavioural Competencies
- Performance Management: Optimizing own productivity.
- Communication and Interpersonal Skills: Effectively communicating with and managing customer expectations (internal and external), and other stakeholders who impact performance.
- Knowledge and Application: Knowledge and effective application of all relevant banking policies, processes, procedures, and guidelines to consistently achieve required compliance standards or benchmarks.
- Self-Empowerment: Developing open communication, teamwork, and trust to support performance and a customer-service-oriented culture.
- Critical Thinking: Ability to think critically and analytically, expressing points of view supported by data (for both technical and non-technical audiences).
- Collaboration: Collaborating effectively with colleagues, stakeholders, and leaders across multiple organizations to get consensus, socialize strategy, and achieve objectives.
- Execution and Achievement-Oriented: Striving to achieve results, being measured and judged on performance standards.
- Personal Ethics: Must be honest, fair, just, firm with himself, and of high integrity.
Work Hours: 8
Experience in Months: 48
Level of Education: bachelor degree
Job application procedure
Interested and qualified? click here
All Jobs | QUICK ALERT SUBSCRIPTION
