Summary
Date Posted: Thursday, August 17 2023, Base Salary: Not Disclosed

JOB DETAILS:
Job Purpose:
Ensuring that technology risks within the bank are structurally managed, so that the bank can make sound decisions in matters that affect the risk posture of the bank.

Main Responsibilities:
Risk Assessment & Management
• Develop short-term, medium term and long-term technology risk strategies for the bank. Oversee further, implementation of a technology risk management framework roadmap, including key prioritization and sequencing of key risk systems to support the bank’s strategic goals.
• Leading a second line function that is responsible for executing a holistic, integrated operating model inclusive of performance of technology capability risk assessments, conducting credible challenge activities and ongoing monitoring against industry risk frameworks standards and those set by the bank.
• Oversee the establishment and implementation of technology standards, procedures, and frameworks for the coverage domains.
• Provide leadership in risk identification, key risk indicator identification, and risk mitigation strategies in the technology domain. Engage business and technology managers to identify key control indicators and maintain effective and efficient continuous control monitoring processes.
• Oversee and support the identification of risk-based opportunities for technology automation, cost savings, and service quality improvement.
• Actively challenge and influence the strategy and vision on managing the relevant risk areas, bank-wide, thereby directly influencing decision making on executive board and ICT management team levels.
• Define and facilitate the process to identify, challenge, investigate, assess and analyse key Continuity, IT-Operations, Cyber Security and Third-Party risks at the business level and aggregated for NMB. This includes
• Supporting (advice and guide) the 1st (Line of Defence) LoD in their risk and control activities and risk-return considerations (especially provide second-line opinions on new or significant change initiatives).
• Constructively challenge the performance of the first-line risk and control activities (i.e. risk assessments, controls, incident, action and finding management);
• Measure and report risk exposures, trends in the evolution of the risk profile of NMB and in the external business environment, concentrations and risk-taking outcomes, departmentally and for the bank-wide risk profile, scrutinizing them against the Risk Appetite and strategic goals.
• Ensure that second line opinion are formulated and submitted to relevant management bodies when decisions are made with key impact on the risk profile of the bank.
• Interface with emerging risk and regulatory changes as well as best practices, providing for the second line view on technology related risks within the bank. Transcribe risk strategy and regulatory requirements into risk policy and risk mitigating measures.
• Facilitate and challenge development of risk appetite and limits setting with the Technology team.
• Monitoring of controls to ensure technology activities are aligned and there aren’t any breaches to the legal and regulatory environment.
• Proactively challenge risk taking, provide advise on effective and efficient approvals and oversight via Delegation of Authority (DOA).
• Provide oversight for day-to-day operations to improve on costs, performance, and end-user satisfaction.
• Develop enterprise-wide technology risk frameworks, policies, processes and standards as well as the Technology Risk governance and control processes in collaboration with technology team.
• Translate the strategy of the bank into tactical plans for own area of responsibility, set priorities and ensure alignment with the business and with other disciplines.
• Develop enterprise-wide technology risk frameworks, policies, processes and standards as well as the Technology Risk governance and control in collaboration with the Technology team
• Develop policies, models, standards, training in collaboration with 1st LoD and ensure successful implementation of the same by the 1st LoD. Enable innovation and seek to leverage technology risk trends that can create business value consistent with the bank’s complex requirements and expectations.
• Train the first line staff members to understand the defined controls and facilitate them in risk identification and assessment and in executing the controls and performing self-assessments to demonstrate their effectiveness.
• Development of an annual budget and ensure it is managed and tracked appropriately.
• Provide guidance and mentorship to the team members; further increase the level of technology risk management expertise on all four disciplines – Cybersecurity, IT Operations, Third Party and BCM.
• Regular interaction with senior management in all departments in the bank (where the one of the four risk disciplines is relevant) with respect to the risk areas, both in facilitating improvement of risk and control activities and in challenging decisions to be taken with respect to risk acceptance or control measures taken.
• Interface with business unit managers to define technology risk management support initiatives and composable solutions for improving service efficiency and effectiveness.
• Stakeholder Relationship Management
• Develop and maintain relationships with key Business leaders across the business to drive ownership and awareness of operational risk and to promote a proactive risk/reward approach to the management of operational risk.
• Establish and maintain effective contacts with key regulatory and industry bodies on technology risk matters to ensure timely and adequate closure.
• Manage strategic relationships with key technology and business stakeholders in maintaining an effective combined assurance model within the bank.
• Team Leadership & Management
• Directly manage, coach, and develop a small team of technology risk professionals.
• Team optimization. Re-organization into pro-active approach and business engagement to derive value.
• Promote a culture of service excellence within the team in all its dealings with internal clients (and external parties as appropriate).

Knowledge and Skills:
• In-depth understanding of organizational structures and business processes.
• Sound understanding of the technicalities of operational and non-financial risk management, with broad familiarity with a variety of risk assessment analytics.
• Sound understanding of the IT domain.
• Detailed understanding of the current regulatory environment for IT, operational and non-financial risks.
• Broad based knowledge of control frameworks and strategies affecting risk management
• A detailed understanding of risk principles, processes and techniques and their practical application.
• Risk and control techniques (e.g. risk assessment, control design and evaluation, auditing, risk mitigation)
• Excellent analytical skills and problem-solving ability
• Strong decision making skills
• Strategic vision and strategy execution
• Ability to create and maintain an internal and external network
• Strong written and spoken communications
• Advanced presentation skills
• Influencing and negotiation skills
• Leadership and coaching skills
• High personal credibility and integrity

Qualifications and Experience:
• Bachelor’s degree in Computer Science or related academic field
• Holder of active professional certification in Technology Risk, Audit or Cybersecurity, such as CISSP, CISA, CISM, CRISC
• NIST certification is an added advantage.
• At least 10 years of relevant work experience in a large enterprise environment which includes at least 4 years in a management position.
• Experience with the banking or other financial sector will be an added advantage.
• Working experience in risk management, IT security or audit areas within organizations of a similar scale or equivalent.

NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender balanced workforce.

Female candidates and people living with disabilities are strongly encouraged to apply for this position.
NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.

Only shortlisted candidates will be contacted

Job closing date : 30-Aug-2023



Work Hours: 8

Experience in Months: 120

Level of Education: Bachelor Degree

Job application procedure
Interested and qualified? Click here to apply

All Jobs

QUICK ALERT SUBSCRIPTION