GRC OFFICER (1) – GOVERNANCE, RISK & COMPLIANCE
GRC OFFICER (1) – GOVERNANCE, RISK & COMPLIANCE / TECHNOLOGY DEPARTMENT
Job Scope
Ensuring that the Bank’s IT systems, operations, and processes comply with regulatory requirements, internal policies, and industry standards. The role focuses on identifying, assessing, and mitigating risks while ensuring proper governance and compliance controls are in place to protect the Bank’s technology assets and maintain operational integrity.
KEY RESPONSIBILITIES
Develop, implement, and maintain the Bank’s IT governance, risk management, and compliance policies and frameworks.
Monitor and assess the effectiveness of internal controls related to technology, ensuring compliance with applicable laws, regulations, and standards (e.g., PCI DSS, NIST, ISO 27001).
Conduct regular risk assessments to identify potential vulnerabilities in IT systems, applications, and infrastructure.
Work with various departments to ensure risk mitigation strategies are effectively implemented.
Support audits, inspections, and examinations by internal or external auditors, providing required documentation and ensuring timely responses to audit findings.
Advise management on risk exposure, control weaknesses, and compliance gaps and recommend corrective actions.
Assist in the development and implementation of business continuity and disaster recovery plans.
Develop and conduct regular training programs for staff on governance, risk, and compliance best practices.
Ensure that all IT projects and initiatives comply with the Bank's risk management and compliance policies.
Stay updated on industry regulations, emerging risks, and best practices to ensure the Bank maintains an up-to-date compliance posture.
Prepare reports on risk management and compliance status, highlighting key risks, issues, and actions to senior management.
Track and report on regulatory changes and assist in the implementation of new requirements as necessary.
REQUIREMENTS
Bachelor’s degree in computer science, information technology, business, or a related field, with a minimum of 3 years of work experience; or
Diploma in computer science, information technology, business, or a related field, with a minimum of 5 years of work experience.
Relevant professional certifications related to fields of GRC (e.g., CISM, CRISC, CISA, ISO 27001 Lead Implementer) are highly desirable.
Knowledge of relevant regulatory requirements, such as PCI DSS, ISO 27001, and banking regulations.
Familiarity with risk management frameworks (e.g., NIST, COBIT, COSO) and best practices.
Familiarity with banking IT systems and technologies, including their risks and security concerns.
Strong understanding of information security and IT controls.
Ability to analyze complex regulations and translate them into actionable compliance requirements.
Excellent communication skills to engage with various stakeholders, including management, auditors, and regulatory bodies.
Strong analytical skills with the ability to identify risks, assess their impact, and recommend mitigation strategies.
Proficiency with risk management and compliance tools/software.
High attention to detail and ability to manage multiple projects and priorities effectively.
Documents required with application:
1. Curriculum Vitae (CV) / Resume
2. Attested educational certificates
3. National ID card copy
4. Passport-size photo
5. Police Report (validity less than 06 months)
Deadline:
Date: 23rd February 2025
Time: 14:30
Inquiries
Should you have any inquiries, please send us an email at [email protected].
REMUNERATION
Competitive Salary
Performance-based bonus
Annual Increment
Health insurance for staff and direct dependents
Professional growth and development
Exclusive employee benefits on the Bank's products.
Please note that only shortlisted candidates will be contacted to attend an interview.