ICT Officer (ICT Governance & Control)
Location | Dar es Salaam, Tanzania, United Republic of |
Date Posted | July 20, 2023 |
Category | IT / Information Technology |
Job Type | Full-time |
Currency | TZS |
Description
JOB DETAILS:
POSITION OBJECTIVES
To assist Senior Manager ICT Security and BCP and Director of Technology to drive the governance and compliance roles within Information Technology department, by establishing the appropriate information technology and information security policy frameworks,
To drive compliance, risk framework and best practice standards,
To ensure that ICT controls are well adhered within the Information Technology and across the bank.
To assist in driving the Business Continuity program by ensuring that IT services are available to the business and customers in the event of any unforeseen disruption, within the agreed service levels (RPO and RTO).
KEY RESPONSIBILITIES
• Custodian of Information Technology (IT) & Information Security (IS) policy and procedures governance frameworks across the bank.
• Drive the IT and IS policy framework, including creation, review, update, awareness and monitoring of policies.
• Keep up-to-date with regulations and prudential guidelines affecting information technology and information security, and continuously update the Bank’s policies, standards and procedures.
• Primary champion of ISO 27001 to ensure compliance and monitor activities to retain the bank certification.
• Administration of Information Technology and Information Security processes to ensure its compliance.
• Provide guidance to IT and drive technology best practices (COBIT, ISO 27001, PCI DSS, and ITIL), while enshrining these with the IT policies and practices.
• Ensure ICT risk Assessment register and Risk Treatment Plans are well maintained in collaboration with risk directorate.
• Assist Senior manager as liaison for all Internal and External IT and IS audit and risk assessment engagements.
• Track and report on IT audit and risk findings follow-ups to ensure no reoccurrence.
• Conduct the Information Security Awareness program across the bank and with external stakeholders, including awareness trainings, tools and reporting.
• Risk champion for the IT department.
• Ensure Businesses continuity Program (including IT Business Impact Analysis, Business Continuity Plan, BCP Exercising, Criss Management Plan, within IT and across the bank are up to date and well maintained.
• In liaison with the other IT stakeholders, maintain up-to-date disaster recovery plans and ensure recovery procedures are effective for restoration of key IT systems and therefore resumption of critical business processes
• Prepare Disaster Recovery and backup testing schedules, reporting and remedial actions.
• Regular monitoring and reporting on any significant gaps on IT business continuity practices, including data replication and backups.
• Perform any other related information security duties assigned from time to time.
Education and Experience
• Bachelor’s degree/Advanced Diploma in Information Technology, Computer science, Cybersecurity, Information Technology, Computer Engineering or any other related discipline from recognized University.
• Should have a minimum of one year of ICT technology experience with at least hands-on technical roles in system audit, ICT governance and control information security.
Competency and skills:
• Ability to work in a fast-paced environment.
• Problem-solving and analytical skills.
• Good communication and sound interpersonal skills.
• Exceptional verbal and written skills.
• Ability to prioritize tasks and to work independently or in a group as needed.
• Knowledge to develop and monitor Business Continuity and Disaster Recovery plans and processes.
• Knowledge to develop Information Security strategy and policy frameworks.
• Technical skills to effectively perform ISMS activities/tasks in a manner that consistently achieves established quality standards or benchmarks.
• Working knowledge of various ICT Technologies is a bonus.
• High levels of integrity in the conduct of personal and professional affairs.
• Professional Certification such as CISSP, CIRSK, CISA, and 27001 Lead Implementor/Auditor is an added advantage.
Applying Instructions
The position will attract a competitive salary package, which include benefits. Applicants are invited to submit their resume via the following link:-
https://www.tcbbank.co.tz/careers Applications via other methods will not be considered. Applicants need to fill their personal information, academic certificates and work experiences and also submit the application letter. Other credentials will have to be submitted during the interview for authentic check and other administrative measures.
Tanzania Commercial Bank has a strong commitment to environmental, health and safety management. Late applications will not be considered. Short listed candidates may be subjected to any of the following: a security clearance; a competency assessment and physical capability assessment.