Openings at United Bank of Africa (UBA)
- Dashboard
- Job Detail
Deadline of this Job: 24 October 2022
ROLES & RESPONSIBILITIES
1. Establish Governance & Build Knowledge
• Facilitate an information security governance structure through the implementation of a hierarchical governance program
• Provides regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes
• Develops, socializes and coordinates approval and implementation of security policies.
• Works with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations
• Directs the creation of a targeted information security awareness training program for all employees, contractors, and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences
• Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
• Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls
• Embeds Cyber Judgement across a decentralized or distributed decision making model
• Leads the security champion program to mobilize employees in all locations
2. Leadership
• Leads the information security function to ensure consistent and high- quality information security management in support of the business goals determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas
• Manages the budget for the information security function, monitoring and reporting discrepancies
• Manages the cost-efficient information security organization consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring (and conducting background checks), training, staff development, performance management and annual performance reviews
3. Strategy
• Develops an information security vision and strategy that is aligned to the bank priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate.
• Develops, implements and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
• Assists with the identification of non-IT managed IT services in use (“citizen IT”) and facilitates a corporate IT onboarding program to bring these services into the scope of the IT function, and apply standard controls and rigor to these services; where this is not possible, ensures that risk is reduced to the appropriate levels and ownership of this information security risk is clear
• Works effectively with business units to facilitate information security risk
• Assessment and risk management processes, and empowers them to own and accept the level of risk they deem appropriate for their specific risk appetite.
4. Framework Development
• Develops and enhances an up-to-date information security management framework based on the following: International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National Institute of Standards and Technology (NIST) Cybersecurity Framework, PCI-DSS.
• Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
• Develops and maintains a document framework of continuously up-to- date information security policies, standards and guidelines. Oversees the approval and publication of these information security policies and practices
• Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
• Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the information security, and reviews it with stakeholders at the executive and board levels
5. Collaborative Functions
• Provides input for the IT section of the company’s code of conduct. Creates the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required.
• Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks.
• Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies.
• Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.
6. Operational Functions
• Creates a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
• Works with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy.
• Collaborates and liaises with the data privacy officer to ensure that data privacy requirements are included where applicable.
• Defines and facilitates the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.
• Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.
• Oversees technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk.
• Manages and contains information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company’s reputation
• Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals, with the realization that components supporting primary business processes may be outside the corporate perimeter
• Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas
• Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization’s ecosystem
ROLES & RESPONSIBILITIES
1. Establish Governance & Build Knowledge
• Facilitate an information security governance structure through the implementation of a hierarchical governance program
• Provides regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes
• Develops, socializes and coordinates approval and implementation of security policies.
• Works with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations
• Directs the creation of a targeted information security awareness training program for all employees, contractors, and approved system users, and establishes metrics to measure the effectiveness of this security training program for the different audiences
• Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
• Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls
• Embeds Cyber Judgement across a decentralized or distributed decision making model
• Leads the security champion program to mobilize employees in all locations
2. Leadership
• Leads the information security function to ensure consistent and high- quality information security management in support of the business goals determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas
• Manages the budget for the information security function, monitoring and reporting discrepancies
• Manages the cost-efficient information security organization consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring (and conducting background checks), training, staff development, performance management and annual performance reviews
3. Strategy
• Develops an information security vision and strategy that is aligned to the bank priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate.
• Develops, implements and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
• Assists with the identification of non-IT managed IT services in use (“citizen IT”) and facilitates a corporate IT onboarding program to bring these services into the scope of the IT function, and apply standard controls and rigor to these services; where this is not possible, ensures that risk is reduced to the appropriate levels and ownership of this information security risk is clear
• Works effectively with business units to facilitate information security risk
• Assessment and risk management processes, and empowers them to own and accept the level of risk they deem appropriate for their specific risk appetite.
4. Framework Development
• Develops and enhances an up-to-date information security management framework based on the following: International Organization for Standardization (ISO) 2700X, ITIL, COBIT/Risk IT and National Institute of Standards and Technology (NIST) Cybersecurity Framework, PCI-DSS.
• Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
• Develops and maintains a document framework of continuously up-to- date information security policies, standards and guidelines. Oversees the approval and publication of these information security policies and practices
• Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
• Facilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the information security, and reviews it with stakeholders at the executive and board levels
5. Collaborative Functions
• Provides input for the IT section of the company’s code of conduct. Creates the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required.
• Builds and nurtures external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks.
• Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies.
• Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.
6. Operational Functions
• Creates a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
• Works with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy.
• Collaborates and liaises with the data privacy officer to ensure that data privacy requirements are included where applicable.
• Defines and facilitates the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.
• Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.
• Oversees technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk.
• Manages and contains information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company’s reputation
• Monitors the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action Develops and oversees effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals, with the realization that components supporting primary business processes may be outside the corporate perimeter
• Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas
• Facilitates and supports the development of asset inventories, including information assets in cloud services and in other parties in the organization’s ecosystem
Deadline of this Job: 23/10/2022
JOB DETAILS:
COMPETENCIES
• Industry and market knowledge (self and Excellent relationship management skills and customer) the ability to use these to develop new business.
• Product service knowledge (Cash opportunities, Management, Credit, E-Banking, Treasury, Trade).
• Team leadership and management skills. Business and financial acumen.
• Core Business Processes.
• Strategy formulation & Business Awareness. Regulatory Compliance Creativity & Innovation.
• Relationship management.
• Ability to Inspire & Manage Change. Macro-economic environment.
• Decision Making, Problem Solving, Diversity, Management.
RESPONSIBILITIES
• Responsible for the Sales businesses units of UBA Tanzania.
• Develop sales strategies to acquire and maintain clients for sales businesses teams in coordination with product and sales teams.
• Develop and maintain excellent relationships with key customers and prepare various vertical market strategies to enhance growth.
• Track and monitor existing and emerging opportunities and develop alliances to ease conversion, wallet share growth and service offerings to clients and customers.
• Prepare and document all market plans and drive to convert the plans to value.
• Analyze and prepare forecasts and estimates for various selling procedures as well as measure and assess the profitability of the relationships.
• Work closely with other relevant key stakeholders to drive trade and other businesses.
• Provide support to Unit/department Heads, Relationship Managers/ Officers in the expansion and deepening of relationships for the bank.
• Provide required training for Relationship Managers/ Officers to generate adequate value.
• Develop and secure approval for the relevant business strategies and ensure effective implementation in line with approved budget.
• Manage overall performance on revenue, profitability and growth of the business lines for the bank.
• Ensure adequate resourcing at all levels of the different businesses and coach/motivate employees to effectively execute the strategic decisions to meet corporate goals for the bank.
• Ensure desirable performance against budget. Ensure full compliance with regulatory and statutory requirements for the bank.
EDUCATION REQUIREMENT
• Minimum of a first degree in relevant area of discipline.
• Masters’ degree or Professional Qualification in relevant discipline is desirable.
EXPERIENCE
A minimum of 15 years’ relevant banking experience of which at least 5 must be at senior management level.
JOB DETAILS:
COMPETENCIES
• Industry and market knowledge (self and Excellent relationship management skills and customer) the ability to use these to develop new business.
• Product service knowledge (Cash opportunities, Management, Credit, E-Banking, Treasury, Trade).
• Team leadership and management skills. Business and financial acumen.
• Core Business Processes.
• Strategy formulation & Business Awareness. Regulatory Compliance Creativity & Innovation.
• Relationship management.
• Ability to Inspire & Manage Change. Macro-economic environment.
• Decision Making, Problem Solving, Diversity, Management.
RESPONSIBILITIES
• Responsible for the Sales businesses units of UBA Tanzania.
• Develop sales strategies to acquire and maintain clients for sales businesses teams in coordination with product and sales teams.
• Develop and maintain excellent relationships with key customers and prepare various vertical market strategies to enhance growth.
• Track and monitor existing and emerging opportunities and develop alliances to ease conversion, wallet share growth and service offerings to clients and customers.
• Prepare and document all market plans and drive to convert the plans to value.
• Analyze and prepare forecasts and estimates for various selling procedures as well as measure and assess the profitability of the relationships.
• Work closely with other relevant key stakeholders to drive trade and other businesses.
• Provide support to Unit/department Heads, Relationship Managers/ Officers in the expansion and deepening of relationships for the bank.
• Provide required training for Relationship Managers/ Officers to generate adequate value.
• Develop and secure approval for the relevant business strategies and ensure effective implementation in line with approved budget.
• Manage overall performance on revenue, profitability and growth of the business lines for the bank.
• Ensure adequate resourcing at all levels of the different businesses and coach/motivate employees to effectively execute the strategic decisions to meet corporate goals for the bank.
• Ensure desirable performance against budget. Ensure full compliance with regulatory and statutory requirements for the bank.
EDUCATION REQUIREMENT
• Minimum of a first degree in relevant area of discipline.
• Masters’ degree or Professional Qualification in relevant discipline is desirable.
EXPERIENCE
A minimum of 15 years’ relevant banking experience of which at least 5 must be at senior management level.
Job Info
Job Category:
Several Jobs in one Advert jobs in Tanzania
Job Type:
Full-time
Deadline of this Job: 23 October 2022
Duty Station: Dar es Salaam
Posted:
20-10-2022
No of Jobs:
2
Start Publishing:
20-10-2022
Stop Publishing (Put date of 2030):
20-10-2066
Apply Now
Notification Board
Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.
Caution: Never Pay Money in a Recruitment Process.
Some smart scams can trick you into paying for Psychometric Tests.