Saturday, November 4, 2023

2 New Job Opportunities at NMB Bank Plc Tanzania November, 2023 - Various Posts

  AjiraLeo Tanzania       Saturday, November 4, 2023
NMB Bank Plc
Jobs in Tanzania 2023: New Job Vacancies at NMB Bank Plc 2023
NMB Bank Plc Jobs, 2023
Zonal Compliance Specialist (1 Position(s))
Job Location:
Lake Zone
Job Purpose:
Provide assurance in relation to compliance to all relevant policies and regulations. This includes delivery of end-to-end assurance work over compliance risks and controls in alignment with the bank's Enterprise Risk Management Framework.

Main Responsibilities:
  • Undertaking compliance reviews and supporting the business through provision of relevant recommendations, implementation, corrective measures, and follow-up, and providing professional compliance advisory services (tactic and transactional day-to-day compliance advice and direction) and specific recommendations to manage compliance risks.
  • Support the review of the Bank's operations for compliance with applicable laws and regulations in order to enhance adherence to compliance policies and regulatory environment.
  • Build and maintain an effective and constructive relationship with all stakeholders, adopting a cohesive approach to the execution of tasks with minimum conflict while ensuring the independence of the assurance unit.
  • Be a primary point of contact for compliance-related issues in your zone or branches and provide expert advice to support compliance with internal policies, procedures, guidelines, and regulatory requirements, including effective representation of the Compliance department in relevant strategic zonal engagements, and escalate matters to your line manager as needed.
  • Proactively identify key emerging compliance risks across the zones or branches and ensure effective communication of identified issues with stakeholders within the defined governance process.
  • Ensure delivery of assigned assurance activities as per the agreed annual plan, make recommendations and ensure follow-up on any identified deficiencies, and provide accurate and complete reports.
  • Support the delivery of compliance related training/awareness initiatives to the zones and branches to ensure that holders of all critical functions are competent and suitably skilled.
  • Lead by example and build the appropriate culture and values. Set an appropriate tone and expectations from the team and work in collaboration with risk and control partners.
  • Fully promote a culture of compliance across zones and branches through role-modeling, coaching, and engaging others. Additionally, embed a culture of openness, trust and risk awareness, where ethical, legal, regulatory and policy compliant conduct is a norm.
  • Assist in the development and implementation of a risk-based compliance-monitoring program that optimizes cost efficiency, to ensure identification, assessment, monitoring, and timely reporting of all material compliance risks faced by branches as well as ensure compliance procedures, systems, and controls are up-to-date and effectively implemented across zones/or branches.
  • Track compliance mandatory training completion within your zones and ensure that all staff complete the training within the agreed SLAs per corporate communication.
  • Keep abreast of new laws and changes to laws and regulations affecting branches, in order to be up to date with current compliance requirements and support compliance management in performing a gap analysis and assessing the impact of new/amended regulatory requirements as applicable to branches.
  • Conducting Compliance risk assessments, testing, and summarizing findings in a concise format. Develop meaningful reports that add value to business and support management decision-making.
  • Keep Line Manager informed, on an ongoing basis, of non-compliance issues at branches and in your zone and the status of corrective actions. This includes preparation and submission of specified periodic and ad-hoc reports agreed with the Line Manager.

Knowledge and Skills:
  • A practical knowledge and understanding of risks, controls, risk management tools, and methodologies.
  • A good understanding of the main operational processes within the businesses and a good understanding of the procedures and control framework relating to those areas.
  • Good understanding of the applicable regulatory requirements to banks including Financial Crime Compliance risks within the bank.
  • Risk management technical skills (e.g. risk identification assessment, control design & monitoring)
  • Team working and stakeholders' management skills
  • Excellent oral and written communication skills – ability to present information clearly and concisely.
  • Takes responsibility, ownership and accountability for own tasks and work output.
  • High level of Integrity, honesty and trustworthy.
  • Ability to juggle priorities and execute at speed individually and as part of a team.
  • Report writing skills and attentive to details.

Qualifications and Experience:
  • Bachelor's Degree in banking/ law/ economics/ finance or other relevant fields of study.
  • Any additional relevant compliance related professional certifications will be an added advantage.
  • Banking experience of more than 4 years, preferably in Risk Management, Compliance, Control & Quality Assurance, and Audit.
  • Good experience on assurance / testing activities and effective risk management and be able to promote strong risk management culture.

Senior Specialist Technology Risk; Cybersecurity, Data Analytics and Reporting (1 Position(s))
Job Location:
Head Office, Hq
Job Purpose:
To Ensure that risks related to cybersecurity within the bank are structurally managed so that the bank can make sound decisions in matters that affect the risk posture of the bank.
Manage risk data analytics, reporting and perform the oversight role as the primary contact between Technology Risk and other lines of defence within the bank.

Main Responsibilities:
Cybersecurity Risk Governance
  • Using industry cybersecurity standards and frameworks, provide guidance on the governance of cybersecurity risk management at the bank.
  • Oversee the establishment and management of cybersecurity risk-related policies and procedures that govern cybersecurity risk management for the bank.

Risk Identification, Assessment & Evaluation
  • Drive and support the identification and assessment of cybersecurity threats to the bank's network and computer systems
  • Ensure key cybersecurity risks have been adequately documented with relevant controls and key indicators.
  • Define, in close co-operation and alignment with the first line, the Risk Appetite statement for cybersecurity within the bank.
  • Support the 1LoD to ensure all relevant key cybersecurity risk information are properly and adequately maintained in the risk management system tool, check and validate the risk data quality in the system to support accurate reporting and decision making by management.
  • Facilitate and support the 1LoD in conducting thorough risk assessments to evaluate their security, business practices and other factors that may pose risk to the bank.
  • Ensure the business conducts Risk and Control Assessments (RCSAs) in accordance with guidelines issued by Operational Risk through training and conformance reviews, including
  • osupporting (advice and guide) the 1st line in their risk and control activities and risk-return considerations (especially provide second-line opinions on new or significant change initiatives)
  • oconstructively challenge performance of the first-line risk and control activities.
  • Train the first line staff members to understand the defined controls and facilitate them in risk identification and assessment and in executing the controls and performing self-assessments to demonstrate their effectiveness.
  • Review risk assessment and analyze the effectiveness of information security control activities, and report on them with actionable recommendations.
  • Manage the oversight of cybersecurity risk on vulnerability assessments and penetration testing engagements.
  • Serve in an advisory role in application development, major systems implementation projects, technology infrastructure projects etc. to assess relevant security risks requirements and controls; and ensure that security controls are implemented as planned.
  • Continuously research and stay abreast of the new industry cybersecurity risks and recommend 1LoD on the respective controls that need to be implemented.
  • Manage the oversight of the third-party cybersecurity risks identification and assessment.
  • Using various risk management tools and technologies, accurately measure and report cybersecurity risks of the bank.

Risk Mitigation Strategies
  • Support the cybersecurity team in the development and implementation of mitigation strategies.
  • Ensure the cybersecurity teams have accurately implemented various security controls including but not limited to Firewalls, Endpoint Protection and Encryption capabilities.
  • Ensure the cybersecurity teams have established effective response strategies to cybersecurity incidents.
  • Develop and support the implementation of relevant cybersecurity frameworks, policies and procedures within the bank.
  • Work with relevant teams to resolve security issues that are uncovered by various internal and third-party monitoring tools.
  • Work with relevant bank vendors to ensure their products and services meet the banks security requirements
  • Oversee and ensure staff are trained and educated on cybersecurity practices including acceptable internet usage, use and protection of logical access information and awareness on phishing and other cyber threats.
  • Ensure that relevant new requirements from new policies are implemented and followed bank-wide, by interacting with the risk champions of each of the relevant teams and ensuring related controls are embedded in the banks risk and control framework.
Risk Monitoring
  • Perform regular security testing and reviews to ensure bank systems are secure and that security measures are working as required.
  • Follow up on the progress of actions that are relevant to improve the risk posture of the bank including risk and control remediation action plans, resulting from e.g.
  • oRisk and control self-assessment activities;
  • oRisk events such as security related risk incidents.
  • oRelevant actions arising out of governance committees.
  • Build an independent view on the cybersecurity risk posture of the bank by performing
  • oIndependent validations of control assessment by the first line;
  • oRisk-assessments on new and changed products, services and business,
  • oTargeted investigations on specific topics of interest, depending on actual developments within or outside the organisation, in order to provide more clarity in a specific topic of interest.
  • Ensure that cybersecurity risks are put on the meeting agenda of all relevant departments in the bank and contribute in the preparation of these meetings and attend in the meetings themselves when necessary.
  • Follow up on monthly cybersecurity key risk indicator performance results and challenge the risk owners on unfavorable KRI results (amber and red KRI), establish root cause analysis and report on proper remediation plans to ensure risk levels remain within approved limits.
Risk Communication and Reporting
  • Proactively communicate with the Head Technology Risk on cybersecurity and data analytics risk issues. Escalate significant events to relevant stakeholders as appropriate.
  • Produce timely and accurate monthly and quarterly (and ad hoc) reports on cybersecurity and products automated systems controls risks exposure to governance committees.
  • Report to management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
  • Follow up and gather relevant 1LoD reports for 2LoD view and voice-over for consideration in Technology Risk reporting.
  • Plan and concisely prepare all Technology Risk required reports with determination on report objectives, scope and structure that include but not limited to Management and Board Technology Risk reports.
  • Create well structured, concise, and clear reports based on data analyses, ensuring logical information organization, finding presentation and evidence-supported conclusions. Ensure the report adhere to the bank's style guidance and formatting requirements.
  • Facilitate presentation of complex data in an accessible and understandable manner using data visualization that applies visual elements such as charts, graphs, infographics and tables.
  • Ensure the accuracy, integrity and the reliability of the data and information presented in the reports.

Risk Data Analytics
  • In consultation with relevant teams within the bank, identify areas that should be subject to risk data analytics and perform data extraction and analytics for those areas covering critical systems of the bank and report findings to RCC and EXCO on month basis.
  • Research, recommend and implement relevant data analytics and risk management tools to aid in data analysis and risk management activities.
  • Examine and interpret data to identify risk patterns, trends and insights.
  • Assess the adequacy and effectiveness of key product related application controls and provide assurance on the risk exposure levels.
  • Prepare standard scripts for data analytics for application control testing and all critical systems in the bank, foster the use of robotics in automating the risk data analytics tasks for timely risk exceptions reports.
  • Provide data related issue closure validations and assurance for closed risk actions in governance committees within the bank.
  • Maintain a database of identified risks and tests to be carried in data analytics from the bank's systems across the network.
Oversight and Coordination
  • Serve as the primary contact with the 1LoD and the business stakeholders for streamlined communication with Technology Risk.
  • Support and challenge the 1LoD in their risk related activities by managing a streamlined communication with risk champions and risk owners.
  • Organize and coordinate meetings between Technology Risk and relevant stakeholders within the bank.
  • Collaborate with ICT management and risk champions in the identification, evaluations, reporting and management of their risks, ensuring they are fully aligned with the ERM framework and other relevant policies and procedures of the bank and regulatory requirements.
  • Coordinate all interactions between ICT, the business and Technology Risk ensuring availability of information from either direction.
  • Facilitate and coordinate communication with internal and external auditors for all matters on Technology Risk.
  • Facilitate the identification and correction of risk defective business processes.

Knowledge and Skills:

  • Knowledge of security issues, techniques, and implications across all existing computer platforms.
  • A practical knowledge and understanding of risks, controls, risk management tools and methodologies.
  • Mastery in using data analytics tools such as ACL.
  • Cybersecurity frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls.
  • In-depth understanding of ISO/IEC 2007 Information Security Risk Management.
  • Risk & control techniques; Facilitation skills
  • High personal credibility and integrity.
  • Understanding of database systems such as MongoDB, MySQL, SQL server, Oracle and/or PostgreSQL.
  • Ability to use tools for vulnerability management, security monitoring, access & identity management, non-personal/privileged account management and/or multi-factor authentication.
  • Ability to use risk management tools, analytical and problem-solving skills
  • Team player
  • Good written and verbal communication skills
  • Time management - ability to juggle priorities and execute at speed individually and as part of a team.

Qualifications and Experience:
  • Holder of University Degree in Computer Science, Information Systems or other related field
  • Holder of an active professional certification in Information Security including at least one of the following CISSP, CISM or OCSP.
  • 3 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration
  • Previous risk management experience gained within an auditing, operational risk
  • management or compliance/controls type role.
  • Understanding of the core retail and commercial banking product set.
Job opening date: 03-Nov-2023
Job closing date: 17-Nov-2023

NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender balanced workforce.
Female candidates and people living with disabilities are strongly encouraged to apply for this position.

NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.
Only shortlisted candidates will be contacted

Thanks for reading 2 New Job Opportunities at NMB Bank Plc Tanzania November, 2023 - Various Posts

« Prev Post

No comments:

Post a Comment