Position: Head Technology Risk & Cyber Security
Location: Head Office NBC
Type: Full time
Job ID: R-15914168
Location: Head Office NBC
Type: Full time
Job ID: R-15914168
Overview
NBC is the oldest serving bank in Tanzania with over five decades of experience. We offer a range of retail, business, corporate and investment banking, wealth management products and services.
NBC is the oldest serving bank in Tanzania with over five decades of experience. We offer a range of retail, business, corporate and investment banking, wealth management products and services.
Job Summary
Responsible for building, maintaining and managing NBC Technology Risk profile & Cyber Security controls, as well as driving the bank’s cyber security strategy and IT Governance. In addition, the role is responsible to ensure compliance to the relevant regulatory requirements.Job Description
- Driving the development and implementation of a cyber-security strategy across the enterprise to minimize the risk of cyber-attacks.
- Managing and reporting for all IT Governance, Technology Risk, and Cyber Security initiatives for the bank.
- Develop and implement an ongoing risk assessment program targeting information security and business systems. Recommend methods for vulnerability detection and remediation.
- Overall responsible for managing continuous technology and cyber security risk assessments, identifying areas for improvement and providing the bank’s management an impartial and independent view of both technology and cyber security risk profiles in the enterprise.
- Fronting and managing all IT and Cyber Security Audits end-to-end.
- Manage version control of all IT documentation, ensuring that all versions are current/ up to date and version history maintained.
- Drive enterprise security review including Application Security, Infrastructure Configurations, Network Security, Identity and Access Management, Authentication Controls etc...
- Monitor and ensuring compliance to all relevant regulatory requirements (BOT, TCRA, TRA…Etc.) as well as internal technology and cyber security policies and standards, referring exceptions to Head of Information Technology.
- Provide oversight and challenge to DevOps strategy, tooling, processes and requirements
- Establish Key Risk Indicators (KRIs) to accurately measure and track in house developer compliance and risk
- Manage control self-assessment (CSA) exercise and validate the evidence if all the controls are audit proof and evidenced.
- Manage vulnerability assessment/Pen-test end– to-end for the entire bank’s technology environment.
- Drive implementation and review of technology risk and cyber security policies, standards, and processes across the enterprise.
- Establish and implement periodic control reviews and assessment schedules, and perform the reviews including spot test and snap checks of all controls as per defined Technology and Cyber Security policies, standards and guidelines.
- Oversee all third party and vendor security and risk management, ensuring alignment to the bank’s security control requirements.
- Liaises with contractors and service providers to ensure that all activities are in line with the bank’s security control requirements.
- Be involved in projects implementation providing security guidance from the initial stages of systems/ software development up to the end.
- Oversee IT security projects implementation
- Build and maintain threat intelligence and attack monitoring capabilities
- Develop and implement an incident reporting system to address security incidents, respond to alleged policy violations from staff, contractors and external parties
- Implement security incident management and response strategies alleged policy violations and security breaches from staff, contractors and external parties.
- Overseeing the investigation of reported policy violations and security breaches
- Managing daily security operations activities of the bank.
- Provides guidance and direction for the physical and logical protection of Information Technology resources to other business functions
- Developing and implementing technology recovery plans to ensure minimal service disruptions in the event of a security breach that the disaster recovery plan needs to be triggered.
- Provides direct Information Security Awareness training and oversight to all employees, and other third parties, ensuring proper information security clearance in accordance with established bank information security policies and procedures
- Develop a high performing team by embedding formal performance development and informal coaching, giving leadership to the team.
- Build effective working relationship/ information flow with key stakeholders as well as holding regular communication sessions with relevant stakeholders
- Keep abreast of the latest technology &b security threats and development.
- Perform other job-related duties as assigned
Qualifications and Experience
- Bachelor’s degree in Information Technology, or a related field. A post graduate in Information systems or business administration is of added advantage.
- At least 5 years of prior relevant experience in IT Security and Risk management, Vulnerability management and penetration testing and Identity and Access Management
- Working experience with Microsoft software, Linux, Database (Oracle, MS SQL),
- At least two applicable cyber security related certifications - CISSP, CISA, CISM, CRISC, CGEIT, CEH, CCNA Security
- Security).
- Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies
- Good understanding of Infrastructure (servers and network) designs and architecture.
- Familiarity with operational risk and compliance is advantageous
Competencies:
- Proficiency in Security and Risk management
- Vulnerability management and penetration testing
- Identity and Access Management
- Communications and Network Security.
- Application Security
- Asset Security
- System Resilience and Data Recovery Capabilities
Qualifications
Bachelor`s Degrees and Advanced Diplomas - Physical, Mathematical, Computer and Life Sciences, Digital familiarity (Meets some of the requirements and would need further development), Experience in a similar environment at junior specialist level, IT Security (Meets all of the requirements), Openness to change (Meets some of the requirements and would need further development), Process optimisation (Meets some of the requirements and would need further development), Reasoning (Meets all of the requirements)
Deadline: 24th February, 2021.
Job Description
Qualifications and Experience
Qualifications
Deadline: 24th February, 2021.
ππππππππππππππππππππππ
Position: Head of Application Support
Location: Head Office NBC
Type: Full time
Job ID: R-15910494
Location: Head Office NBC
Type: Full time
Job ID: R-15910494
Overview
NBC is the oldest serving bank in Tanzania with over five decades of experience. We offer a range of retail, business, corporate and investment banking, wealth management products and services.
NBC is the oldest serving bank in Tanzania with over five decades of experience. We offer a range of retail, business, corporate and investment banking, wealth management products and services.
Job Summary
The Head of Application Support is responsible for the delivery, support, and implementation of complex enterprise application systems (including Core Banking), both cloud, and on-premise. Reporting to the Head of IT, this individual is responsible for leading the enterprise application, digital channels, and UAT functions for the IT organization. In this role, the individual will manage multiple projects and priorities in addition to managing day to day application support & operations. As a single point of contact between IT & business for various applications, you will lead initiatives, resolve problems and develop relationships at all levels of the organization as well as with outside vendors and contractors. Your ability to work independently with limited direction, effective communication with stakeholders and ability to provide leadership and direction to team members will be keys to your success.Job Description
- Manage the day-to-day operations of enterprise applications (e.g. core banking applications, CRM, etc.), Digital Channels, and UAT environment in support of business objectives while working to modernize the application landscape.
- Manage overall solution & service delivery for prioritized projects, enhancement and break/fix demand for application portfolio
- Drive standardization & automation across business processes leveraging standard/corporate solutions. Actively engage with business in defining optimal solutions to support and improve business processes.
- Responsible for the development, implementation, and enhancements of the architectural roadmap toward a modern technology platform, development standards, and QA practices.
- Responsible for balancing investment between solution iteration and innovation, ensuring the bank explore new technologies (mobility, artificial intelligence, analytics, cloud platforms, etc..), and provide a vision for robust, flexible, scalable enterprise capabilities.
- Establish and grow an enterprise-wide analytics capability, integrating Systems, operations, customer, and endpoint device data to support business operations and strategy.
- Responsible for integrated incident, change and problem management. Ensure systems, methodologies and procedures are in place and followed for application support.
- Manage solution Implementations, roll-outs and delivery for internal businesses & functions.
- Lead/collaborate with external vendors for projects execution & application support
- Manage, lead and mentor team members. Sets measurable goals and deadlines for team members
- Handle changing priorities and provide decisive leadership in complex situations
- Implement industry best practices for solution as well as service delivery.
- Drive software license optimization initiatives
- Experience in Financial planning including annual budget, forecasting and cost tracking, work estimation, funding requests, application total cost of ownership
Qualifications and Experience
- Bachelor Degree in Electrical, Electronic & Telecommunications or Computer Engineering (Preferred)
- 10+ years of experience in applications including experience in deploying large enterprise applications likes Oracle Flexcube, SAP, etc
- Proven ability to integrate modern technology and legacy platforms, experience with SaaS, infrastructure as a service (IaaS), platform as a service (PaaS), SOA, APIs, open data, microservices, event-driven IT and predictive analytics.
- 10+ years of experience leading across the following domains information management, enterprise application development, SDLC, QA, agile and lean delivery methodologies, and ITIL frameworks.
- 10+ years of experience in technology management, leadership, and operations positions, with responsibility for budget and department administration.
- Proven experience of successfully delivering projects on-time, within budget, and in scope.
- Led at least 2 projects that involved global deployment of solutions
- Experience of setting up application support teams, processes & tools for a complex application portfolio.
- Strong Industry and Functional expertise with configuration and design experience
- Has good experience of business engagement and senior Stakeholder management.
- Should be able to organize teams and resolve critical situation or complex requirements.
- Familiar with tools and technology necessary to manage application projects & support (Ticketing tool, monitoring tools, Demand/Capacity management tools, Monitoring tools and automation, Project tracking etc.)
- Ability to work within a fast-paced, high pressure, dynamic environment
- Should be able to influence decision-making and drive project delivery.
- Should have experience of working /managing application portfolios comprising of technologies like .Net/Java, Microsoft technologies, Linux, Websphere, PostgresSQL, AWS/Azure, Oracle DB, etc
- Knowledge or certificate in Cloud Computing will be added advantage
- Oracle certification will be of added advantage
- Knowledge of banking/ branch operations will be of added advantage
Qualifications
- Bachelor's Degree - Information Technology, Experience in a similar environment
