Specialist; Technology Risk
2026-06-06T11:52:57+00:00
NMB Bank
https://cdn.greattanzaniajobs.com/jsjobsdata/data/employer/comp_5940/logo/NMB%20Bank%20.jpeg
https://www.nmbbank.co.tz/
FULL_TIME
Head Office, Hq
Dar es Salaam
00000
Tanzania
Banking
Computer & IT, Business Operations, Management
2026-06-19T17:00:00+00:00
8
Responsible for ensuring that risks related to IT Operations and Technology Third-Party Management are effectively and structurally managed, enabling the bank to make sound, risk-informed decisions that protect its overall risk posture.
Responsibilities or duties
Risk Identification, Assessment & Evaluation
- Drive and support the identification of potential risks related to technology infrastructure and third-party relationships risk within the bank
- Oversee technology third-party/vendor risks, ensuring governance, risk mitigation, contractual compliance, and alignment with enterprise risk appetite to support informed decision-making.
- Ensure key risks for technology infrastructure and third-party risks have been documented with controls and relevant key indicators.
- Ensure the business conducts Risk and Control Assessments (RCSAs) in accordance with guidelines issued by Operational Risk
- Proper identification of technology infrastructure and third-party control gaps at assessed departments/ designated assignment(s).
- Define, in close co-operation and alignment with the first line, the Risk Appetite Statement for Technology Infrastructure and third-party risks.
- Train the first line staff members to understand the defined controls
Risk Mitigation strategies
- Support the development and implementation of controls to address technology infrastructure and third-party risks
- Document risk mitigation strategies and ensure the strategies are well analyzed and adequately documented.
- Ensure that new requirements following from new policies are implemented and followed bank-wide
- Track and validate remediation of issues and control gaps, including sustainment checks and escalation of overdue actions to the Technology Risk Manager.
Risk Monitoring
- Maintain a database of all relevant third parties and track key information related to the mandatory requirements applicable to third parties.
- Continuously monitor third-party relationships and compliance to performance and service level agreements (SLA)
- Monitor capacity and obsolescence risk, technology lifecycle status, and service performance indicators across Datacenter, network, database infrastructure.
- Track progress of risk remediation action plans arising from RCSAs, risk events, audit findings, regulatory observations, and governance committee decisions.
- Monitor emerging technology adoption risks, including AI model performance and governance, cloud adoption risk, and bot exception handling.
Risk Communication and Reporting
- Create 2LoD view on the risk effort of the ICT department in their infrastructure and third-party risks exposure reporting.
- Produce timely and accurate monthly and quarterly (and ad hoc) reports on technology infrastructure and third-party risks exposure to governance committees on monthly basis.
- Build and maintain executive dashboards covering IT Operations and Third-Party issues, KRI/KCI trends, issues aging, SLA breach rates, change risk metrics, and third-party performance, enabling real-time visibility of the risk posture.
- Perform advanced data analysis on technology risk datasets to identify trends, outliers, root cause patterns, and risk drivers, and present findings in a clear and actionable format for decision-makers.
- Automate exception monitoring for recurring risk indicators.
- Serve as the Technology Risk teams reporting custodian by consolidating risk assurance information across all technology risk domains, including IT operations risk, third-party and vendor risk, IT governance, and business technology continuity.
Qualifications or requirements (e.g., education, skills)
Knowledge and Skills:
- Strong understanding of technology infrastructure, IT operations, and third-party/vendor risk management across diverse platforms and enterprise systems.
- Practical knowledge of technology risk, controls, and risk management tools/methodologies, with ability to apply them in a banking or financial services environment.
- Awareness of core operational processes within IT and business units, including related procedures, control frameworks, and integration risks with third-party providers.
- Familiarity with standards and other regulatory requirements for managing technology infrastructure, payment systems, and associated third-party technology risks.
- Understanding of emerging technology risk domains, including AI model risk and governance, cloud adoption risk, and robotic process automation.
- Knowledge of data governance principles, data quality standards, and privacy requirements relevant to technology risk oversight in a large bank.
- High personal credibility and integrity, fostering trust and influence across all organizational levels.
- Strong analytical and data analysis skills, with proficiency in advanced Excel, Power BI, or equivalent visualisation tools, and comfort with querying and interpreting structured data, including SQL concepts.
- Excellent written and verbal communication skills, able to convey complex IT and third-party risk issues clearly and persuasively.
Experience needed
Qualifications and Experience:
- Holder of University Degree in Computer Science, Information Systems or related field
- Holder of active professional certification in Technology Risk such as CRISC, CISM and at least one Third Party or Outsourcing Risk including at least CTPRP, CSCRP, CVA, VRMP, VCP or comparable is preferred.
- Master’s degree in business studies is an added advantage
- Banking certification(s) is an added advantage
- At least three (3) years of combined IT and Risk experience with broad exposure to IT operations, systems analysis, infrastructure management, and third-party/vendor risk oversight.
- Practical experience in data analysis, dashboard development, and exception reporting, with the ability to translate risk data into management-ready insights.
* Drive and support the identification of potential risks related to technology infrastructure and third-party relationships risk within the bank * Oversee technology third-party/vendor risks, ensuring governance, risk mitigation, contractual compliance, and alignment with enterprise risk appetite to support informed decision-making. * Ensure key risks for technology infrastructure and third-party risks have been documented with controls and relevant key indicators. * Ensure the business conducts Risk and Control Assessments (RCSAs) in accordance with guidelines issued by Operational Risk * Proper identification of technology infrastructure and third-party control gaps at assessed departments/ designated assignment(s). * Define, in close co-operation and alignment with the first line, the Risk Appetite Statement for Technology Infrastructure and third-party risks. * Train the first line staff members to understand the defined controls * Support the development and implementation of controls to address technology infrastructure and third-party risks * Document risk mitigation strategies and ensure the strategies are well analyzed and adequately documented. * Ensure that new requirements following from new policies are implemented and followed bank-wide * Track and validate remediation of issues and control gaps, including sustainment checks and escalation of overdue actions to the Technology Risk Manager. * Maintain a database of all relevant third parties and track key information related to the mandatory requirements applicable to third parties. * Continuously monitor third-party relationships and compliance to performance and service level agreements (SLA) * Monitor capacity and obsolescence risk, technology lifecycle status, and service performance indicators across Datacenter, network, database infrastructure. * Track progress of risk remediation action plans arising from RCSAs, risk events, audit findings, regulatory observations, and governance committee decisions. * Monitor emerging technology adoption risks, including AI model performance and governance, cloud adoption risk, and bot exception handling. * Create 2LoD view on the risk effort of the ICT department in their infrastructure and third-party risks exposure reporting. * Produce timely and accurate monthly and quarterly (and ad hoc) reports on technology infrastructure and third-party risks exposure to governance committees on monthly basis. * Build and maintain executive dashboards covering IT Operations and Third-Party issues, KRI/KCI trends, issues aging, SLA breach rates, change risk metrics, and third-party performance, enabling real-time visibility of the risk posture. * Perform advanced data analysis on technology risk datasets to identify trends, outliers, root cause patterns, and risk drivers, and present findings in a clear and actionable format for decision-makers. * Automate exception monitoring for recurring risk indicators. * Serve as the Technology Risk teams reporting custodian by consolidating risk assurance information across all technology risk domains, including IT operations risk, third-party and vendor risk, IT governance, and business technology continuity.
* Strong understanding of technology infrastructure, IT operations, and third-party/vendor risk management across diverse platforms and enterprise systems. * Practical knowledge of technology risk, controls, and risk management tools/methodologies, with ability to apply them in a banking or financial services environment. * Awareness of core operational processes within IT and business units, including related procedures, control frameworks, and integration risks with third-party providers. * Familiarity with standards and other regulatory requirements for managing technology infrastructure, payment systems, and associated third-party technology risks. * Understanding of emerging technology risk domains, including AI model risk and governance, cloud adoption risk, and robotic process automation. * Knowledge of data governance principles, data quality standards, and privacy requirements relevant to technology risk oversight in a large bank. * High personal credibility and integrity, fostering trust and influence across all organizational levels. * Strong analytical and data analysis skills, with proficiency in advanced Excel, Power BI, or equivalent visualisation tools, and comfort with querying and interpreting structured data, including SQL concepts. * Excellent written and verbal communication skills, able to convey complex IT and third-party risk issues clearly and persuasively.
* Holder of University Degree in Computer Science, Information Systems or related field * Holder of active professional certification in Technology Risk such as CRISC, CISM and at least one Third Party or Outsourcing Risk including at least CTPRP, CSCRP, CVA, VRMP, VCP or comparable is preferred. * Master’s degree in business studies is an added advantage * Banking certification(s) is an added advantage
JOB-6a240a1941225
Vacancy title:
Specialist; Technology Risk
[Type: FULL_TIME, Industry: Banking, Category: Computer & IT, Business Operations, Management]
Jobs at:
NMB Bank
Deadline of this Job:
Friday, June 19 2026
Duty Station:
Head Office, Hq | Dar es Salaam
Summary
Date Posted: Saturday, June 6 2026, Base Salary: Not Disclosed
Similar Jobs in Tanzania
Learn more about NMB Bank
NMB Bank jobs in Tanzania
JOB DETAILS:
Responsible for ensuring that risks related to IT Operations and Technology Third-Party Management are effectively and structurally managed, enabling the bank to make sound, risk-informed decisions that protect its overall risk posture.
Responsibilities or duties
Risk Identification, Assessment & Evaluation
- Drive and support the identification of potential risks related to technology infrastructure and third-party relationships risk within the bank
- Oversee technology third-party/vendor risks, ensuring governance, risk mitigation, contractual compliance, and alignment with enterprise risk appetite to support informed decision-making.
- Ensure key risks for technology infrastructure and third-party risks have been documented with controls and relevant key indicators.
- Ensure the business conducts Risk and Control Assessments (RCSAs) in accordance with guidelines issued by Operational Risk
- Proper identification of technology infrastructure and third-party control gaps at assessed departments/ designated assignment(s).
- Define, in close co-operation and alignment with the first line, the Risk Appetite Statement for Technology Infrastructure and third-party risks.
- Train the first line staff members to understand the defined controls
Risk Mitigation strategies
- Support the development and implementation of controls to address technology infrastructure and third-party risks
- Document risk mitigation strategies and ensure the strategies are well analyzed and adequately documented.
- Ensure that new requirements following from new policies are implemented and followed bank-wide
- Track and validate remediation of issues and control gaps, including sustainment checks and escalation of overdue actions to the Technology Risk Manager.
Risk Monitoring
- Maintain a database of all relevant third parties and track key information related to the mandatory requirements applicable to third parties.
- Continuously monitor third-party relationships and compliance to performance and service level agreements (SLA)
- Monitor capacity and obsolescence risk, technology lifecycle status, and service performance indicators across Datacenter, network, database infrastructure.
- Track progress of risk remediation action plans arising from RCSAs, risk events, audit findings, regulatory observations, and governance committee decisions.
- Monitor emerging technology adoption risks, including AI model performance and governance, cloud adoption risk, and bot exception handling.
Risk Communication and Reporting
- Create 2LoD view on the risk effort of the ICT department in their infrastructure and third-party risks exposure reporting.
- Produce timely and accurate monthly and quarterly (and ad hoc) reports on technology infrastructure and third-party risks exposure to governance committees on monthly basis.
- Build and maintain executive dashboards covering IT Operations and Third-Party issues, KRI/KCI trends, issues aging, SLA breach rates, change risk metrics, and third-party performance, enabling real-time visibility of the risk posture.
- Perform advanced data analysis on technology risk datasets to identify trends, outliers, root cause patterns, and risk drivers, and present findings in a clear and actionable format for decision-makers.
- Automate exception monitoring for recurring risk indicators.
- Serve as the Technology Risk teams reporting custodian by consolidating risk assurance information across all technology risk domains, including IT operations risk, third-party and vendor risk, IT governance, and business technology continuity.
Qualifications or requirements (e.g., education, skills)
Knowledge and Skills:
- Strong understanding of technology infrastructure, IT operations, and third-party/vendor risk management across diverse platforms and enterprise systems.
- Practical knowledge of technology risk, controls, and risk management tools/methodologies, with ability to apply them in a banking or financial services environment.
- Awareness of core operational processes within IT and business units, including related procedures, control frameworks, and integration risks with third-party providers.
- Familiarity with standards and other regulatory requirements for managing technology infrastructure, payment systems, and associated third-party technology risks.
- Understanding of emerging technology risk domains, including AI model risk and governance, cloud adoption risk, and robotic process automation.
- Knowledge of data governance principles, data quality standards, and privacy requirements relevant to technology risk oversight in a large bank.
- High personal credibility and integrity, fostering trust and influence across all organizational levels.
- Strong analytical and data analysis skills, with proficiency in advanced Excel, Power BI, or equivalent visualisation tools, and comfort with querying and interpreting structured data, including SQL concepts.
- Excellent written and verbal communication skills, able to convey complex IT and third-party risk issues clearly and persuasively.
Experience needed
Qualifications and Experience:
- Holder of University Degree in Computer Science, Information Systems or related field
- Holder of active professional certification in Technology Risk such as CRISC, CISM and at least one Third Party or Outsourcing Risk including at least CTPRP, CSCRP, CVA, VRMP, VCP or comparable is preferred.
- Master’s degree in business studies is an added advantage
- Banking certification(s) is an added advantage
- At least three (3) years of combined IT and Risk experience with broad exposure to IT operations, systems analysis, infrastructure management, and third-party/vendor risk oversight.
- Practical experience in data analysis, dashboard development, and exception reporting, with the ability to translate risk data into management-ready insights.
Work Hours: 8
Experience in Months: 36
Level of Education: bachelor degree
Job application procedure
Application Link:Click Here to Apply Now
Job opening date : 05-Jun-2026
Job closing date : 19-Jun-2026
All Jobs | QUICK ALERT SUBSCRIPTION
