ICT Risk & Compliance Specialist Job Vacancy at CRDB Bank Plc Tanzania – January 2021

ICT Risk & Compliance Specialist Job Vacancy at CRDB Bank Plc Tanzania – January

CRDB Bank Plc
Jobs in Tanzania 2021: New Career Opportunities at CRDB Bank Plc, 2021
CRDB Bank Plc is an African bank and a leading Financial Services Provider in Tanzania with current presence in Tanzania and Burundi, East Africa. The Bank was established in 1996 and was listed on The Dar Es Salaam Stock exchange (DSE) in June 2009.

Over the years, CRDB Bank has grown to become the most innovative and preferred financial services partner in the region. Supported by a robust portfolio and uniquely tailored products, CRDB Bank remains the most responsive bank in the region.


We are a collection of individuals who believe in excellence. We are always on the lookout for fresh talent and we hire people who have the drive to succeed and the will to implement the discipline required to succeed. We focus on nurturing our team and providing our team with an environment that is conducive to creative thought.

Career Opportunities: ICT Risk & Compliance Specialist (462)
Requisition ID 462
Posted 01/22/2021
Free CV Writing and Download, Cover/Job Application Letters, Interview Questions and It’s Best Answers plus Examples. Click Here!

CRDB Bank PLC is looking for a suitable candidate to fill 2 vacant position of ICT Risk & Compliance specialist existing in the Department of Information & Communication Technology (ICT) at Head Office, Dar es Salaam.

Job Purpose:
Responsible for managing and maintaining the IT risk assurance program which includes Information security policies, controls, guidance and best practices aimed to reduce operational IT risk.
This position is responsible for assessing and facilitating IT risk-related activities such as IT audits, regulatory exams, compliance testing, investigations and control attestations.
Review system’s security documentation in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document security relevant changes.
Inform users about security measures needed to address certain security issues, explain potential threats


Responsibilities for the Role:

  • Coordinate regular compliance, risk, maturity, and audit reviews executed within the ICT functions, including reporting progress against identified areas of improvement.
  • Participate in the implementation of technological audit and regulator recommendations to ensure compliance to both bank and regulatory requirements.
  • Ensure all relevant ICT documents like policies, procedures, processes are reviewed regularly according to the policies and maintained.
  • Ensures compliance with ICT security policies and the alignment of ICT procedures and policies; ensures the adherence of ICT working instructions, systems, and software applications to established procedures, policies, standards, and best practices.
  • Review all Bank’s Information Systems such as workstations and servers to ensure that they are well protected against virus attacks and are updated with the latest security patches according to the policy
  • Training users and promoting information security awareness to enhance the overall compliance with the Bank’s security standards, procedures, policies, checklists, statutory and regulatory requirements.
  • Advise ICT team of emerging compliance issues and consults and guides the Bank in the establishment of controls to mitigate risks and ensure all employees are educated on the latest regulations and processes.
  • Facilitate and coordinate user access reviews which will be performed quarterly and System reviews which will be performed semi-annually.
  • Responding to all governance reports from different committees and Boards such as MARC, ORC, and FPC.
  • Perform monitoring and review the adherences of ISO 27001 and PCI standards
  • Monitoring the compliance of licenses and vendor contracts and vendor SLA
  • Provides guidance, evaluation, and advocacy on audit findings and recommendations and ensures appropriate mitigation actions are developed and implemented in a timely manner.
  • Undertake risk control self-assessment prior to any independent audit or assessment, report and raise any issue noted for management attention and recording.
  • Working closely with the Department of Risk and Compliance, Internal & External auditors to ensure all system-related risks and gaps identified are timely addressed.
  • Tracking of all audit issues raised by internal and external auditors to its closure
  • Collecting and validating all supporting evidence requested in risk assessment and audit reviews
  • Reports all KRI (Key Risk Indicator) and RCSA (Risk Control Self-Assessment) into the Risk department on monthly basis.
  • Performing risk assessment on a Quarterly basis
  • Updating ICT Risk register and track all gaps identify in risk assessment and act as ICT Risk champion.

Knowledge, Skills, Qualifications, and Experiences Required for the Role.

Bachelor’s degree in Computer Science, Computer Information Systems, Management Information Systems
Professional Certifications like CISA, CISM, CGEIT will be an added advantage.
At least 2 years of general ICT Auditing, Risk, compliance, and governance experience in banking or a similar environment.
Ability to work well under minimal supervision
Strong interpersonal, written, and oral communication skills.
Excellent interpersonal and networking skills, internally and externally.
Broad understanding of Governance, assurance, and compliance frameworks and their linkage to bank industry in the Tanzania environment
Technical knowledge of Information & Communication Technologies and Information Security.
Understanding of Information Security, Audit, risk management or internal controls experience.MODE OF APPLICATION: APPLY ONLINE


Leave a Reply