Job Purpose
As part of the Engineering Control team and working closely with the IT Information Security team, support the management of all aspects of the Technology governance and compliance framework in Stanbic Bank Kenya. This includes accountability for regulatory compliance, ensuring full alignment with the requirements of Risk, Audit, Legal and Compliance, and conformance to Group Technology standards.
Key Responsibilities/Accountabilities
Build Regulatory Compliance Understanding
Ownership of the IT regulatory compliance framework.
Working closely with the Legal, Compliance and Risk teams and external experts where necessary, maintain an up-to-date view of relevant regulatory requirements.
Working with Legal and Compliance to ensure that any regulatory reporting requirements, for example in response to a breach, are well understood.
Implement and manage processes to ensure compliance.
Own and Implement IT Policies and Procedures
Own all country IT policies, ensuring alignment with Group IT and manage the ongoing review and adoption by the various stakeholders.
Ensure IT policy documents are reviewed in line with governance and regulatory requirements.
Ensure processes are in place to monitor, and where appropriate, report on compliance.
Ensure online access to relevant and up-to-date IT policies and procedures.
Third Party Risk Management
In collaboration with other key stakeholders within the Engineering unit, implement the Third Party Risk Management framework.
Ensure Third Party Risk Assessments are conducted in conjunction with the Procurement team and other key stakeholders.
Operational Governance and Risk Management
Help define and manage the governance framework within the Engineering Operating model.
Undertake Risk and Control reviews for all the Technology functions within the Engineering unit.
Support the Head of Engineering Control in the preparation of documentation for various governance committees and help manage actions as required.
Facilitation of the Information Risk Remediation plan and Risk Control Self-Assessments (RCSA) in collaboration with all the risk functions.
Oversight and management of internal and external audit processes as required.
Provide IT Governance and Compliance input into projects and initiatives.
Ensure audit findings are adequately monitored and addressed.
Preferred Qualification and Experience
A Bachelor’s degree in Information Management or Computer Science or Data Governance or Information Security
Total number of years’ experience: 3 – 4 years in a similar role
Other Minimum Qualifications, certifications or professional memberships
• Certified Information Systems Auditor
• Certified Information Systems Security Professional or Certified Security Analyst
Working within an information or data governance function with two years’ experience leading a data and/or security governance programme.
Demonstrated knowledge of data governance practices, business and technology issues related to management of enterprise information assets and approaches related to data protection.
Sound knowledge of industry-leading data quality and data protection management practices.
Practical experience in the implementation of IT policies and procedures.
Experience in the monitoring of IT risk and security controls to ensure compliance and business cyber-resilience.
Experience liaising with Internal Audit and other oversight units on enforcing compliance with company policies and best practices.
A good understanding of information management practices including information lifecycle management, data modelling, master data management and the conduct of business audits and requirements gathering.