Job Purpose
To lead the implementation of the Stanbic Bank Kenya Information Risk policy as it relates to the holistic approach to Information Risk Management. To ensure country compliance with applicable Privacy laws, regulations, and industry standards. To provide oversight of the implementation of the Data Privacy Compliance Framework across all business units in the bank.
Key Deliverables
Risk, Regulatory, Prudential & Compliance
Information Risk Governance: Developing and implementing the information risk and data privacy policies, standards and practices to safeguard the Bank’s information and in response to changing regulations and evolving threats.
Risk assessment: Identifying and assessing information risks including data privacy risks and take measures to mitigate them.
Compliance: Ensuring that the Bank adheres to the Kenya Data Protection Acy of 2019 and other relevant data privacy regulations and good practices.
Privacy impact assessments: Evaluating the impact of changes and processes on data privacy and providing recommendations including regulatory reporting as guided by the ODPC Regulations.
Third parties: Assessing third party vendors’ data protection practices and ensuring they comply with the Bank’s standards.
Act as the central contact point on matters data privacy and co-operate with the Data Commissioner and any other authority on matters relating to data protection.
Facilitate capacity building of staff and other stakeholders involved in data processing operations within the organisation.
Reporting: Providing regular reports to senior management on the organization’s data privacy posture.
Data governance: Overseeing data classification, retention and disposal practices to maintain data integrity and compliance.
Incident management: Developing and maintaining an incident response plan to address data breaches including reporting to relevant stakeholders.
Legal liaison: Collaboration with the Bank’s legal department to ensure compliance with data privacy laws and regulations.
Act as the central contact point on matters data privacy and co-operate with the Data Commissioner and any other authority on matters relating to data protection.
Escalate all strategic and high-risk issues to the Chief Information Risk Officer to ensure these matters are dealt with timeously and as per the standards set out it in the Risk Management Compliance Framework.
Monitoring and documentation and notification on data Breaches to both the regulator and the data subjects.
Ensure that the Bank maintains an up to date inventory of all data and information assets within the organization as per the Bank’s information risk framework.
Access control: Provide an oversight role and report on the effectiveness of the Bank’s compliance to access management related policies.
Data mapping: Creating data flow diagrams and data maps to track the movement of information assets and identify potential points of data leakage.
Lead and drive the digitisation, culture, data driven approach, monitoring and assurance activities and toolbox enablers to ensure the implementation and embeddedness of information risk management and data privacy across the entire organisation.
Keep abreast of and analyse relevant legislative and regulatory developments in collaboration with key stakeholders such as Non-Financial Risk, Compliance and Legal & Governance in order to inform the Risk Management Data Privacy Compliance Framework, to understand the implications for the organisation and to deliver expert advice in collaboration with key stakeholders such Non-Financial Risk, Compliance, Group Legal and Local Data Privacy Officers.
Track to closure all action plans arising from risk assessments, ops risk reviews, internal and external audits, and regulatory inspections to improve the IT and Cyber risks and control environment.
QUALIFICATIONS
Minimum Qualifications
Education Level
Bachelor’s in Computer science, Information Systems or related discipline or a related discipline
Relevant Masters Degree (added advantage)
CISSP; CISA; CISM; CRISC; CDPSE or any privacy related or data privacy certification(s) – at least ONE Mandatory
Risk Management qualification
Information security risk certification.
CCNA certification
Experience Required
Knowledge Required
Practical knowledge of risk and control frameworks and application in financial services industry preferably in banking.
Experienced risk manager. 7+ years of experience working as a senior risk management professional preferably in the Financial Services Sector.
Project management skills to execute risk related projects effectively and the ability to resolve conflicts.
Subject matter expert on information risk management, with knowledge of industry leading practices
Ability to promote strong teamwork and leadership behaviors within the department/function and across the Bank.
Effective communicator with excellent written and verbal presentation skills to a wide variety of senior managers across the Bank.
ADDITIONAL INFORMATION
Behavioral Competencies:
Adopting Practical Approaches
Articulating Information
Challenging Ideas
Checking Details
Developing Strategies
Documenting Facts
Embracing Change
Establishing Rapport
Examining Information
Exploring Possibilities
Following Procedures
Generating Ideas
Managing Tasks
Resolving Conflict
Taking Action
Team Working
Upholding Standards
Technical Competencies:
Analysing Insurable Risk
Automation Acumen
Automation Delivery
Automation Enablement
Automation
Business Continuity and Disaster Recovery Planning
Business Process Design
Business Process Improvement
Client Relationship Management
Collaboration
Compliance
Continuous Improvement
Creative Problem Solving
Data Analytics & Visualization
Data Architecture
Data Compliance
Evaluating Risk Management Effectiveness
Information Management
Information Security Management
Knowledge Management
Legal Compliance
Legal Knowledge
Legal Research
Operations Risk Management
Product and Services Knowledge
Risk Awareness
Risk Identification
Risk Management
Solution Design & Enablement
Strategic Alignment & Execution
go to method of application »
Use the link(s) below to apply on company website.
Apply via :
Leave a Reply