Senior Manager, IT Governance & Compliance

Job Purpose Statement
This role will drive governance and compliance within the Information Technology department by establishing the appropriate information technology and information security policy frameworks, driving compliance and best practice standards, and ensuring that risk is well managed and that risk management is enshrined within the Information Technology department across the NCBA Group. This role will also manage the Business Continuity program for Information Technology, ensuring that IT services are available to the business and customers in the event of any unforeseen disruption, within the agreed service levels (RPO and RTO).
Key Accountabilities (Duties and Responsibilities)
Policy & Governance Framework 35% 

Custodian of Information Technology (IT) & Information Security (IS) policy and process governance frameworks across the Group.
Manage the IT and IS policy framework, including creation, review, update, awareness and monitoring of policies.
Keep up to date with regulations and prudential guidelines affecting information technology and information security, and continuously update the Bank’s policies, standards and procedures.
Administration and management of Information Technology and Information Security processes.
Provide guidance to IT and drive technology best practices (COBIT, ISO 27001, PCI DSS), while enshrining these within the IT policies and practices.

Risk & Audit Management 35% 

Manage risk management tools and practices within IT, including Risk Control Self Assessments (RCSA) and IT risk registers, across the Group.
Manage and act as the key liaison for all Internal and External IT and IS audit and risk assessment engagements across the Group.
Track and report on IT audit and risk findings, including managing IT management forums for discussion and reporting of these findings.
Manage the Information Security Awareness program across the Group and with external stakeholders, including awareness trainings, tools and reporting.
Risk champion for the IT department.

Business Continuity Planning 20% 

Manage the Business Continuity Program (including IT Business Impact Analysis) within IT, across the Group.
In liaison with the other IT stakeholders, maintain up-to-date disaster recovery plans and ensure recovery procedures are effective for restoration of key IT systems and therefore resumption of critical business processes.
Manage Disaster Recovery and backup testing schedules, reporting and remedial actions.
Regular monitoring and reporting on any significant gaps on IT business continuity practices, including data replication and backups.

People leadership 10% 

Leadership and performance management for direct reports, with regular feedback and objective end-of-year evaluations.
Coordinate and manage team of resources and consultants in fulfilment of the governance & compliance function.
Direct and supervise the work of personnel and/or contractors assigned to the department.

Ideal Job Specifications

Bachelor’s Degree in Information Systems, Computer Science, Information Security or a related field required.
At least 7 years’ experience in IT, Information Security or IT Governance, with 2 years in a managerial role within a highly digitized organization.
3+ years’ experience conducting IT compliance assessments or IT governance and assurance/compliance assessments in an organization.
Relevant certifications in information security knowledge areas, such as Information Systems Audit, Information Security Management or Business Continuity/Disaster Recovery.
Knowledge of information security best practice & compliance standards.
Knowledge and experience in audit management and reporting.
Prior experience working within a financial services organization will be an added advantage.

Apply via:

ke.ncbagroup.com