
Senior Specialist; Cyber Security Governance & Compliance at CRDB Bank
Reporting Line
Manager; Cyber Security Governance & Compliance
Location
Tanzania Head Office
Department
CYBERSECURITY UNIT
Number of openings
1
Job Purpose
Responsible for ensuring the effectiveness and efficiency of Cybersecurity Governance, Risk & Compliance (GRC), and acting as a central point of contact for all GRC-related matters from internal and external stakeholders.
Principal Responsibilities
- Develop, implement, and maintain cybersecurity governance frameworks, policies, standards, and procedures to ensure alignment with regulatory requirements and industry best practices.
- Monitor compliance with internal security policies and applicable laws and regulations (e.g., ISO 27001, NIST, GDPR), and support internal and external audits.
- Conduct regular risk assessments and compliance reviews across business units to identify control gaps and recommend mitigation measures.
- Collaborate with IT, Risk, Legal, and Business Units to ensure cyber governance and compliance objectives are integrated into enterprise processes.
- Track and report on cybersecurity governance and compliance metrics, highlighting areas of improvement and risk exposure.
- Lead awareness initiatives and training programs to promote a strong cybersecurity culture across the organization.
- Support the implementation of security controls and ensure their effectiveness through continuous monitoring and evaluation.
- Stay updated on emerging cybersecurity regulations, threats, and trends, and proactively recommend policy or control adjustments.
- Contribute to incident response and post-incident reviews to ensure lessons learned are integrated into governance and compliance strategies.
- Represent the Governance & Compliance unit in internal committees, working groups, and external regulatory engagements when required.
Qualifications Required
- Bachelor’s degree in Computer Science, Computer Information Systems, Management Information Systems, or a related field.
- Possession of at least one relevant professional certification such as COBIT, ITIL, CGEIT, CRISC, CISA, CISM, or CISSP.
- Strong understanding of cybersecurity frameworks and standards, particularly ISO/IEC 27001 and PCI-DSS.
- Minimum of 3 years of hands-on experience in Cybersecurity Governance and Supplier Risk Management, preferably within the banking or financial services sector.
- Proven ability to work effectively in a fast-paced, deadline-driven environment, managing multiple priorities simultaneously.
- Demonstrated experience in engaging with various stakeholders, including employees, auditors, vendors, and contractors, with strong communication and coordination skills.