RATIBA YA LIGI KUU YA NBC 2024/2025 TAZAMA HAPA


INEC RATIBA YA UBORESHAJI WAPIGA KURA 2024/2025 HAPA


INEC KUITWA KWENYE USAILI 2024/2025 TAZAMA HAPA


AJIRA MPYA KILA SIKU TAFADHALI BONYEZA HAPA


JIUNGE NASI TELEGRAM BOFYA HAPA WHATSAPP HAPA


NAFASI za Kazi NMB Bank July 13-2024

Filed in Ajira by on 13/07/2024

NAFASI za Kazi NMB Bank July 13-2024

NAFASI za Kazi NMB Bank July 13-2024

NAFASI za Kazi NMB Bank July 13-2024

NAFASI za Kazi NMB Bank July 13-2024, Senior Specialist Technology Risk; Cybersecurity, Data Analytics and Reporting at NMB Bank July 13-2024.

Job Location :Head Office, Hq

Job Purpose:

To Ensure that risks related to cybersecurity within the bank are structurally managed so that the bank can make sound decisions in matters that affect the risk posture of the bank.
Manage risk data analytics, reporting and perform the oversight role as the primary contact between Technology Risk and other lines of defence within the bank.

Main Responsibilities:

Cybersecurity Risk Governance

Using industry cybersecurity standards and frameworks, provide guidance on the governance of cybersecurity risk management at the bank.
Oversee the establishment and management of cybersecurity risk-related policies and procedures that govern cybersecurity risk management for the bank.

Risk Identification, Assessment & Evaluation

Drive and support the identification and assessment of cybersecurity threats to the bank’s network and computer systems
Ensure key cybersecurity risks have been adequately documented with relevant controls and key indicators.
Define, in close co-operation and alignment with the first line, the Risk Appetite statement for cybersecurity within the bank.
Support the 1LoD to ensure all relevant key cybersecurity risk information are properly and adequately maintained in the risk management system tool, check and validate the risk data quality in the system to support accurate reporting and decision making by management.
Facilitate and support the 1LoD in conducting thorough risk assessments to evaluate their security, business practices and other factors that may pose risk to the bank.
Ensure the business conducts Risk and Control Assessments (RCSAs) in accordance with guidelines issued by Operational Risk through training and conformance reviews, including
osupporting (advice and guide) the 1st line in their risk and control activities and risk-return considerations (especially provide second-line opinions on new or significant change initiatives)
oconstructively challenge performance of the first-line risk and control activities.
Train the first line staff members to understand the defined controls and facilitate them in risk identification and assessment and in executing the controls and performing self-assessments to demonstrate their effectiveness.
Review risk assessment and analyze the effectiveness of information security control activities, and report on them with actionable recommendations.
Manage the oversight of cybersecurity risk on vulnerability assessments and penetration testing engagements.
Serve in an advisory role in application development, major systems implementation projects, technology infrastructure projects etc. to assess relevant security risks requirements and controls; and ensure that security controls are implemented as planned.
Continuously research and stay abreast of the new industry cybersecurity risks and recommend 1LoD on the respective controls that need to be implemented.
Manage the oversight of the third-party cybersecurity risks identification and assessment.
Using various risk management tools and technologies, accurately measure and report cybersecurity risks of the bank.

Risk Mitigation Strategies

Support the cybersecurity team in the development and implementation of mitigation strategies.
Ensure the cybersecurity teams have accurately implemented various security controls including but not limited to Firewalls, Endpoint Protection and Encryption capabilities.
Ensure the cybersecurity teams have established effective response strategies to cybersecurity incidents.
Develop and support the implementation of relevant cybersecurity frameworks, policies and procedures within the bank.
Work with relevant teams to resolve security issues that are uncovered by various internal and third-party monitoring tools.
Work with relevant bank vendors to ensure their products and services meet the banks security requirements
Oversee and ensure staff are trained and educated on cybersecurity practices including acceptable internet usage, use and protection of logical access information and awareness on phishing and other cyber threats.
Ensure that relevant new requirements from new policies are implemented and followed bank-wide, by interacting with the risk champions of each of the relevant teams and ensuring related controls are embedded in the banks risk and control framework.

Risk Monitoring

Perform regular security testing and reviews to ensure bank systems are secure and that security measures are working as required.
Follow up on the progress of actions that are relevant to improve the risk posture of the bank including risk and control remediation action plans, resulting from e.g.
oRisk and control self-assessment activities;
oRisk events such as security related risk incidents.
oRelevant actions arising out of governance committees.
Build an independent view on the cybersecurity risk posture of the bank by performing
oIndependent validations of control assessment by the first line;
oRisk-assessments on new and changed products, services and business,
oTargeted investigations on specific topics of interest, depending on actual developments within or outside the organisation, in order to provide more clarity in a specific topic of interest.
Ensure that cybersecurity risks are put on the meeting agenda of all relevant departments in the bank and contribute in the preparation of these meetings and attend in the meetings themselves when necessary.
Follow up on monthly cybersecurity key risk indicator performance results and challenge the risk owners on unfavorable KRI results (amber and red KRI), establish root cause analysis and report on proper remediation plans to ensure risk levels remain within approved limits.

Risk  Communication and Reporting

Proactively communicate with the Head Technology Risk on cybersecurity and data analytics risk issues. Escalate significant events to relevant stakeholders as appropriate.
Produce timely and accurate monthly and quarterly (and ad hoc) reports on cybersecurity and products automated systems controls risks exposure to governance committees.
Report to management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
Follow up and gather relevant 1LoD reports for 2LoD view and voice-over for consideration in Technology Risk reporting.
Plan and concisely prepare all Technology Risk required reports with determination on report objectives, scope and structure that include but not limited to Management and Board Technology Risk reports.
Create well structured, concise, and clear reports based on data analyses, ensuring logical information organization, finding presentation and evidence-supported conclusions. Ensure the report adhere to the bank’s style guidance and formatting requirements.
Facilitate presentation of complex data in an accessible and understandable manner using data visualization that applies visual elements such as charts, graphs, infographics and tables.
Ensure the accuracy, integrity and the reliability of the data and information presented in the reports.

Risk Data Analytics

In consultation with relevant teams within the bank, identify areas that should be subject to risk data analytics and perform data extraction and analytics for those areas covering critical systems of the bank and report findings to RCC and EXCO on month basis.
Research, recommend and implement relevant data analytics and risk management tools to aid in data analysis and risk management activities.
Examine and interpret data to identify risk patterns, trends and insights.
Assess the adequacy and effectiveness of key product related application controls and provide assurance on the risk exposure levels.
Prepare standard scripts for data analytics for application control testing and all critical systems in the bank, foster the use of robotics in automating the risk data analytics tasks for timely risk exceptions reports.
Provide data related issue closure validations and assurance for closed risk actions in governance committees within the bank.
Maintain a database of identified risks and tests to be carried in data analytics from the bank’s systems across the network.

Oversight and Coordination

Serve as the primary contact with the 1LoD and the business stakeholders for streamlined communication with Technology Risk.
Support and challenge the 1LoD in their risk related activities by managing a streamlined communication with risk champions and risk owners.
Organize and coordinate meetings between Technology Risk and relevant stakeholders within the bank.
Collaborate with ICT management and risk champions in the identification, evaluations, reporting and management of their risks, ensuring they are fully aligned with the ERM framework and other relevant policies and procedures of the bank and regulatory requirements.
Coordinate all interactions between ICT, the business and Technology Risk ensuring availability of information from either direction.
Facilitate and coordinate communication with internal and external auditors for all matters on Technology Risk.
Facilitate the identification and correction of risk defective business processes.

Knowledge and Skills:

Knowledge of security issues, techniques, and implications across all existing computer platforms.
A practical knowledge and understanding of risks, controls, risk management tools and methodologies.
Mastery in using data analytics tools such as ACL.
Cybersecurity frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls.
In-depth understanding of ISO/IEC 2007 Information Security Risk Management.
Risk & control techniques; Facilitation skills
High personal credibility and integrity.
Understanding of database systems such as MongoDB, MySQL, SQL server, Oracle and/or PostgreSQL.
Ability to use tools for vulnerability management, security monitoring, access & identity management, non-personal/privileged account management and/or multi-factor authentication.
Ability to use risk management tools, analytical and problem-solving skills
Team player
Good written and verbal communication skills
Time management – ability to juggle priorities and execute at speed individually and as part of a team.

Qualifications and Experience:

Holder of University Degree in Computer Science, Information Systems or other related field
Holder of an active professional certification in Information Security including at least one of the following CISSP, CISM or OCSP.
3 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration
Previous risk management experience gained within an auditing, operational risk
management or compliance/controls type role.
Understanding of the core retail and commercial banking product set.

NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender balanced workforce.
Female candidates and people living with disabilities are strongly encouraged to apply for this position.

NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.NAFASI Mpya za Kazi NMB Bank July 13-2024

Job opening date : 12-Jul-2024 Job closing date : 19-Jul-2024

CLICK HERE TO APPLY

Only shortlisted candidates will be contacted.


Core Banking System Administrator at NMB Bank July 13-2024

Core Banking System Administrator – Fixed Term (2yrs) (1 Position(s))

Job Location :Head Office, Hq

Job Purpose:

Support and create interfaces for Core Banking Systems and be responsible for resolving incidents at Level 2 in the back-end Core Banking Application systems.
Support end of day (EOD) operators and coordinate Level 3 support issues for all back-end core banking application systems with offshore support teams for proactive and active support.

Main Responsibilities:

Creating web interfaces (API) for applications to connect to core banking applications.
Coordinate project groups and manage business demands to ensure that new systems solutions are sound and support the bank’s priorities including technical coding and implementation of products.
Responsible for Level 2 issues related to all core applications and acting as DevOps support for applications which have been developed in-house from NMB internal development team.
Responsible for different sprints of the Project in any software development phase which at the end touch connection with core banking application.
Support of day-to-day operations & performance of core banking system (CBS)
Automating back-office operations using third party systems through core banking system.
Provide 2nd level technical support for CBS queries & incidents (live, data warehousing, UAT, Reports)
Liaise with CBS Level 2/3 support teams to report incidents and ensure that relevant solutions are implemented both onsite and offsite.
Manage external service providers to ensure that developments are implemented according to project group requirements and contractual agreements.
Provide expert advice on core banking systems and contribute to the unit’s objectives.
Responsible for UAT on testing of core banking changes.
Knowledge and Skills:
Knowledge in software development life cycle (SDLC).
Knowledge in computer programming
Knowledge in Linux systems support and administration
Knowledge in creating and supporting scalable enterprise applications.
A good understanding of how operating system software and computer hardware enables applications and programs to run preferably on Unix/Linux or Solaris.
Familiarity with Structured Query Language (SQL) using RDBMS databases like MySQL, Postgres, MS SQL or Oracle.
Conversant with current and emerging technology trends in areas such as Robotic Automation, Artificial Intelligence (AI) and Machine Learning
Programming languages, preferably Java, Python and PL/SQL.
Interpersonal skills, teamwork, good communication skills, Attention to details

Qualifications and Experience:

Bachelor’s degree in computer science/information technology/computer engineering
Certifications in Linux/UNIX; Database management is added advantage.
1 year experience in software development, DevOps support or Core Banking System
System administration experience with proven capability to interact with IT resources (Infrastructure, IT architect, Risk system specialists) and business departments.
Experience in core banking software technical management, working with development and support of banking systems

NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender balanced workforce.
Female candidates and people living with disabilities are strongly encouraged to apply for this position.

NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.

Job opening date : 12-Jul-2024Job closing date : 26-Jul-2024

CLICK HERE TO APPLY

Only shortlisted candidates will be contacted.

Tags:

Comments are closed.